ESAPI / esapi-java-legacy

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
https://owasp.org/www-project-enterprise-security-api/

Update EncryptedProperties self tests to avoid expected failures (GH #721) #728

Closed noloader closed 2 years ago

noloader commented 2 years ago

Several of ReferenceEncryptedProperties's methods were deprecated and now throw an UnsupportedOperation exception. This commit comments out the offending code and prints a message alerting to the removal.

noloader commented 2 years ago

The changes result in success when running the self tests:

[INFO] Results:
[INFO] 
[INFO] Tests run: 4274, Failures: 0, Errors: 0, Skipped: 0
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  32.574 s
[INFO] Finished at: 2022-07-19T15:18:22-04:00
[INFO] ------------------------------------------------------------------------

kwwall commented 2 years ago

Did they change the JDK at some point where you can no longer invoke a deprecated method via reflection? Seems so. Anyone know what version that would be in? Have to believe there's some magic workaround documented somewhere, such as setting a System property "-DYes.I.Really.Want.To.Call.Deprecated.Methods=true". 😁

-kevin


noloader commented 2 years ago

> Did they change the JDK at some point where you can no longer invoke a deprecated method via reflection?

Not sure. This might also be related to ReferenceEncryptedProperties.java. When I search for "This method has been removed for security", it lands in ReferenceEncryptedProperties.java:

$ grep -IR 'This method has been removed for security'
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java:        throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java:        throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java:        throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java:        throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java:        throw new UnsupportedOperationException("This method has been removed for security.");

In case it is related to my environment:

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.4 LTS
Release:        20.04
Codename:       focal

$ java -version
openjdk version "11.0.15" 2022-04-19
OpenJDK Runtime Environment (build 11.0.15+10-Ubuntu-0ubuntu0.20.04.1)
OpenJDK 64-Bit Server VM (build 11.0.15+10-Ubuntu-0ubuntu0.20.04.1, mixed mode, sharing)
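
The question in the exchange above, as an added example that is not part of the thread or of ESAPI's code: `@Deprecated` does not stop a reflective call, and an exception thrown inside the method body comes back wrapped in `InvocationTargetException`, so a self-test can assert the removal. `RemovedMethodCheck`, `LegacyProps`, `thrownBy` and the method names are hypothetical stand-ins.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;

public class RemovedMethodCheck {

    // Hypothetical stand-in for a class whose method was disabled in its own body.
    public static class LegacyProps {
        @Deprecated
        public void list(StringBuilder out) {
            throw new UnsupportedOperationException("This method has been removed for security.");
        }

        public String getProperty(String key) {
            return "value-of-" + key;
        }
    }

    /** Invokes a public method reflectively; returns the exception its body threw, or null. */
    static Throwable thrownBy(Object target, String name, Class<?>[] types, Object... args)
            throws NoSuchMethodException, IllegalAccessException {
        Method m = target.getClass().getMethod(name, types);
        try {
            m.invoke(target, args);
            return null;
        } catch (InvocationTargetException e) {
            // Reflection reached the method; the failure came from inside it.
            return e.getCause();
        }
    }

    public static void main(String[] args) throws Exception {
        LegacyProps props = new LegacyProps();

        // The annotation is visible at run time but is not enforced by reflection.
        Method list = LegacyProps.class.getMethod("list", StringBuilder.class);
        System.out.println("list() deprecated: " + list.isAnnotationPresent(Deprecated.class));

        // Assert the removal instead of letting it surface as an unexpected test error.
        Throwable t = thrownBy(props, "list", new Class<?>[] { StringBuilder.class }, new StringBuilder());
        if (!(t instanceof UnsupportedOperationException)) {
            throw new AssertionError("expected UnsupportedOperationException, got " + t);
        }
        System.out.println("list() threw: " + t);

        // Methods that were not removed stay callable through the same path.
        Throwable ok = thrownBy(props, "getProperty", new Class<?>[] { String.class }, "k");
        if (ok != null) throw new AssertionError("getProperty should still work");
        System.out.println("getProperty() still callable");
    }
}
```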

xeno6696 commented 2 years ago


noloader commented 2 years ago

Closing. This is the wrong approach.