Version 4.4.1 |
|
---|---|
December 09, 2011 |
The JavaTest harness, Version 4.4.1 is a maintenance release that fixes issues in many areas. For a detailed report, see Bugs Fixed in Release 4.4.1 .
It is extremely important to note that the JavaTest installation and runtime system is fundamentally a developer system that is not specifically designed to guard against any malicious attacks from outside intruders. If sample code or tests you author make a network call, you can expose the JavaTest operating environment during execution. For this reason, it is critically important to observe the precautions outlined in the following security guidelines when installing and running JavaTest.
The harness itself is self-contained in javatest.jar
. The only external dependency is jh.jar
, which should be placed either on the classpath or in the same directory as javatest.jar
. If desired, the following optional parts of the binary distribution can be deleted:
examples/
directory.doc/
directory.lib/jt-junit.jar
which is an optional binary component.To maintain optimum network security, JavaTest can be installed and run in a "closed" network operating environment, meaning JavaTest is not connected directly to the Internet, or to a company Intranet environment that could introduce unwanted exposure to malicious intrusion. This is the ideal secure operating environment when it is possible.
JavaTest does not require an "Intranet" connection that supports network connections to systems outside the JavaTest architecture to intra-company resources, but, for example, some Java ME applications in a test suite might use an HTTP connection. If JavaTest or applications launched from JavaTest are open to any network access you must observe the following precautions to protect valuable resources from malicious intrusion:
Install JavaTest behind a secure firewall that strictly limits unauthorized network access to the Java ME SDK file system and services. Limit access privileges to those that are required for JavaTest usage while allowing all the I-directional local network communications that are necessary for JavaTest functionality. The firewall configuration must support these requirements to run JavaTest while also addressing them from a security standpoint.
Follow the principle of "least privilege" by assigning the minimum set of system access permissions required for installation and execution of JavaTest.
Do not store any data sensitive information on the same file system that is hosting JavaTest.
To maintain the maximum level of security, make sure the operating system patches are up-to-date on the JavaTest host machine.
When using Java 7 on Windows, the harness might experience problems executing particular parts of the Java 7 APIs because, by default, the harness security manager denies access to certain properties. The problem might manifest as one of the Known Exceptions reproduced below (see java.io.IOException and Socket Exception Error).
There are three ways to workaround the security exceptions:
Use the Java 6 runtime instead. Java 6 is the target execution platform for the harness and is also the minimum Java version supported by the harness.
Set the javatest.security.allowPropertiesAccess
system property to "true"
at startup. The harness security manager (JavaTestSecurityManager) is automatically installed at startup, and its default settings deny access to the System Properties object. You can manually allow access to harness properties as follows:
java -Djavatest.security.allowPropertiesAccess=true ...
Enable and disable property access programatically. The following code temporarily allows properties access until after the code in the try
block is executed. Beware of race conditions when using this code.
SecurityManager sm = System.getSecurityManager(); JavaTestSecurityManager jtSm = null; boolean prev = false; if (sm != null && sm instanceof JavaTestSecurityManager) { jtSm = (JavaTestSecurityManager) sm; prev = jtSm.setAllowPropertiesAccess(true); } try { // execute exception causing actions here } finally { if (jtSm != null) { jtSm.setAllowPropertiesAccess(prev); } }
The following exceptions might be seen if you use the harness with the Java 7 platform on the Windows operating system. Use one of the above workarounds to avoid these exceptions.
java.io.IOException: The requested operation cannot be performed on a file with a user-mapped section open at sun.nio.ch.FileDispatcherImpl.truncate0(Native Method) at sun.nio.ch.FileDispatcherImpl.truncate(FileDispatcherImpl.java:xxx) at sun.nio.ch.FileChannelImpl.truncate(FileChannelImpl.java:xxx)
java.lang.NoClassDefFoundError: Could not initialize class java.net.SocksSocketImpl at java.net.ServerSocket.setImpl(ServerSocket.java:xxx) at java.net.ServerSocket.<init>(ServerSocket.java:xxx) at java.net.ServerSocket.<init>(ServerSocket.java:xxx) at com.sun.jck.lib.multijvm.group.TaskManager.run(TaskManager.java:xxx) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:xxx) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:xxx) at java.lang.Thread.run(Thread.java:xxx) or with the following exception: java.lang.ExceptionInInitializerError at java.net.ServerSocket.setImpl(ServerSocket.java:xxx) at java.net.ServerSocket.<init>(ServerSocket.java:xxx) at java.net.ServerSocket.<init>(ServerSocket.java:xxx) at com.sun.jck.lib.multijvm.group.TaskManager.run(TaskManager.java:xxx) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:xxx) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:xxx) at java.lang.Thread.run(Thread.java:xxx ) Caused by: java.lang.SecurityException: Action forbidden by JavaTest Harness: checkPropertiesAccess at com.sun.javatest.JavaTestSecurityManager.checkPropertiesAccess(JavaTestSecurityManager.java:xxx) at java.lang.System.getProperties(System.java:xxx) at java.net.PlainSocketImpl$1.run(PlainSocketImpl.java:xxx) at java.security.AccessController.doPrivileged(Native Method) at java.net.PlainSocketImpl.<clinit>(PlainSocketImpl.java:xxx)
This maintenance release of the JavaTest harness contains fixes for the following bugs:
Bug ID | Description |
---|---|
7056831 | Unexpected exception from ParameterFilter.accepts() |
7107961, 7105486 | Validate user-specified input XML files before accepting them. |
7072978 | Poor formatting in exit confirmation dialog |
7001745 | Fault while filtering tests for display may lead to incorrect rendering |
The following are known issues in the JavaTest 4.4.1 release.
Bug ID | Description |
---|---|
6434239 | A long name for template/configuration files cannot be fully displayed. |
6446655 | There's a keyboard navigation problem in the Tests To Run tree. |
6451875 | Log Viewer: Impossible to mark log text when live scrolling mode is ON. |
6478125 | Some files remain locked after closing the working directory, preventing the deletion of the directory. |
6488302 | Errors while opening write-protected working directory. |
6518334 | Report Converter does not generate an error message for an existing report file. |
6518375 | Resolving conflicts between two reports in the Report Converter is confusing. |
6543609 | "Waiting to lock test result cache" is not interruptible. |
6675884 | Tooltips in PropertiesQuestion are sometimes incorrect. |
6796286 | Inconsistent style for editing numeric values in IntQuestion, FloatQuestion and PropertiesQuestion. |
The JavaTest harness, Version 4.1 release provided basic changes in the following areas:
.jtm
file extension.
.jti
file).
Version 4.1.2 was a bug fix release.
Version 4.1.3 added support for test suites based on JUnit 3.8.x and 4.x and also addressed bug fixes.
Version 4.1.4 was a bug fix release.
Version 4.2 was a bug fix release.
Version 4.2.1 was a maintenance release. It included changes to enable the Test Panel to update as a test runs, and extended the Quick Pick execution to include Tests to Run settings in configurations. This behavior is controlled by preference settings.
Version 4.3 was a maintenance release with the following major features:
Version 4.4 was a maintenance release with the following features:
To assist in analyzing/comparing results between test runs, the known failures list (KFL) concept has been added to the harness. It allows the user to specify one or more files which contain the names of tests that are known to result in a Failed status when executed. When you supply this list of tests to the harness (using the command line or the Configuration Editor) the HTML report can generate an additional section that can help readers identify which tests have an unexpected result (as compared to what expected results the KFL represents). See the CLI and GUI User guides or the online help for more information.
Historically the matching of test names in an exclude list (and generally within the harness) is case-insensitive, although case is preserved by the harness internally. Matching can now be case sensitive if the javatest.caseSensitiveJtx
System property is set to true. In the future, a programmatic way to do this might be provided.
The general usage is:
java -Djavatest.caseSensitiveJtx=true -jar ...
Run JavaTest harness, Version 4.4.1 with Java Platform, Standard Edition (Java SE) 6.0 or later.
Because of the method the Java SE platform uses to render fonts, when you print a document from the JavaTest user interface, the fonts in the printed documents are larger than they are when rendered on the screen.
The JavaTest harness User's Guides have been provided in PDF form for your use in printing pages from the documents. While the online help viewer supports printing operations, in some cases you may be unable to use it to print a specific page. If this occurs, use the PDF version of the appropriate User's Guide to print the page. Printing of non-HTML report types is not supported. Users are informed of this when they attempt to print a non-HTML report type. Support will be added for this in a future release.
The JavaTest harness allows the user to specify the status colors used in the GUI. See the online help for detailed information about changing the default status colors. A limited number of color options is available in the GUI Preference dialog.
The Agent Monitor tool may not apply to all test suites, even if the test suite uses an agent. See your test suite documentation for detailed information about the agent that it uses and its use of the Agent Monitor tool.
Copyright © 1996, 2011, Oracle and/or its affiliates. All rights reserved.