SEC-422: Correct SQL to increase database compatibility.

acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java

@@ -97,19 +97,30 @@ public final class BasicLookupStrategy implements LookupStrategy {
     private static String computeRepeatingSql(String repeatingSql, int requiredRepetitions) {
         Assert.isTrue(requiredRepetitions >= 1, "Must be => 1");
 
-        String startSql = "select ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY, ACL_ENTRY.ACE_ORDER, "
-            + "ACL_OBJECT_IDENTITY.ID as ACL_ID, " + "ACL_OBJECT_IDENTITY.PARENT_OBJECT, "
-            + "ACL_OBJECT_IDENTITY,ENTRIES_INHERITING, "
-            + "ACL_ENTRY.ID as ACE_ID, ACL_ENTRY.MASK, ACL_ENTRY.GRANTING, "
-            + "ACL_ENTRY.AUDIT_SUCCESS, ACL_ENTRY.AUDIT_FAILURE, "
-            + "ACL_SID.PRINCIPAL as ACE_PRINCIPAL, ACL_SID.SID as ACE_SID, "
-            + "ACLI_SID.PRINCIPAL as ACL_PRINCIPAL, ACLI_SID.SID as ACL_SID, " + "ACL_CLASS.CLASS "
-            + "from ACL_OBJECT_IDENTITY, ACL_SID ACLI_SID, ACL_CLASS "
-            + "LEFT JOIN ACL_ENTRY ON ACL_OBJECT_IDENTITY.ID = ACL_ENTRY.ACL_OBJECT_IDENTITY "
-            + "LEFT JOIN ACL_SID ON ACL_ENTRY.SID = ACL_SID.ID where ACLI_SID.ID = ACL_OBJECT_IDENTITY.OWNER_SID "
-            + "and ACL_CLASS.ID = ACL_OBJECT_IDENTITY.OBJECT_ID_CLASS " + "and ( ";
-
-        String endSql = ") order by ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY asc, ACL_ENTRY.ACE_ORDER asc";
+        String startSql = "select ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY, " 
+	        + "ACL_ENTRY.ACE_ORDER,  "
+	        + "ACL_OBJECT_IDENTITY.ID as ACL_ID, " 
+	        + "ACL_OBJECT_IDENTITY.PARENT_OBJECT, "
+	        + "ACL_OBJECT_IDENTITY.ENTRIES_INHERITING, " 
+	        + "ACL_ENTRY.ID as ACE_ID, "
+	        + "ACL_ENTRY.MASK,  "
+	        + "ACL_ENTRY.GRANTING,  "
+	        + "ACL_ENTRY.AUDIT_SUCCESS, " 
+	        + "ACL_ENTRY.AUDIT_FAILURE,  "
+	        + "ACL_SID.PRINCIPAL as ACE_PRINCIPAL, " 
+	        + "ACL_SID.SID as ACE_SID,  "
+	        + "ACLI_SID.PRINCIPAL as ACL_PRINCIPAL, " 
+	        + "ACLI_SID.SID as ACL_SID, "
+	        + "ACL_CLASS.CLASS " 
+	        + "from ACL_OBJECT_IDENTITY " 
+	        + "left join ACL_SID ACLI_SID on  ACLI_SID.ID = ACL_OBJECT_IDENTITY.OWNER_SID " 
+	        + "left join ACL_CLASS on ACL_CLASS.ID = ACL_OBJECT_IDENTITY.OBJECT_ID_CLASS   "
+	        + "left join ACL_ENTRY on ACL_OBJECT_IDENTITY.ID = ACL_ENTRY.ACL_OBJECT_IDENTITY " 
+	        + "left join ACL_SID on ACL_ENTRY.SID = ACL_SID.ID  "
+	        + "where ( ";
+
+        String endSql = ") order by ACL_OBJECT_IDENTITY.OBJECT_ID_IDENTITY" 
+        	+ " asc, ACL_ENTRY.ACE_ORDER asc";
 
         StringBuffer sqlStringBuffer = new StringBuffer();
         sqlStringBuffer.append(startSql);

acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java

@@ -65,13 +65,13 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
     private String deleteEntryByObjectIdentityForeignKey = "DELETE FROM acl_entry WHERE acl_object_identity=?";
     private String deleteObjectIdentityByPrimaryKey = "DELETE FROM acl_object_identity WHERE id=?";
     private String identityQuery = "call identity()";
-    private String insertClass = "INSERT INTO acl_class (id, class) VALUES (null, ?)";
+    private String insertClass = "INSERT INTO acl_class (class) VALUES (?)";
     private String insertEntry = "INSERT INTO acl_entry "
-        + "(id, acl_object_identity, ace_order, sid, mask, granting, audit_success, audit_failure)"
-        + "VALUES (null, ?, ?, ?, ?, ?, ?, ?)";
+        + "(acl_object_identity, ace_order, sid, mask, granting, audit_success, audit_failure)"
+        + "VALUES (?, ?, ?, ?, ?, ?, ?)";
     private String insertObjectIdentity = "INSERT INTO acl_object_identity "
-        + "(id, object_id_class, object_id_identity, owner_sid, entries_inheriting) " + "VALUES (null, ?, ?, ?, ?)";
-    private String insertSid = "INSERT INTO acl_sid (id, principal, sid) VALUES (null, ?, ?)";
+        + "(object_id_class, object_id_identity, owner_sid, entries_inheriting) " + "VALUES (?, ?, ?, ?)";
+    private String insertSid = "INSERT INTO acl_sid (principal, sid) VALUES (?, ?)";
     private String selectClassPrimaryKey = "SELECT id FROM acl_class WHERE class=?";
     private String selectCountObjectIdentityRowsForParticularClassNameString = "SELECT COUNT(acl_object_identity.id) "
         + "FROM acl_object_identity, acl_class WHERE acl_class.id = acl_object_identity.object_id_class and class=?";
@@ -379,4 +379,10 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
             throw new NotFoundException("Unable to locate ACL to update");
         }
     }
+
+	public void setIdentityQuery(String identityQuery) {
+		Assert.hasText(identityQuery, "New identity query is required");
+		this.identityQuery = identityQuery;
+	}
+    
 }