Client stuck on query execution with security manager enabled

[hzerip]

Neo4j version: 5-aura
Neo4j Mode: AuraDB
Driver version: Java language driver 5.22.0
Operating system: macOS/Linux

Steps to reproduce

1. Push some data to db
2. Create a Java Client
3. Enable security manager
4. Run query to get number of items
5. The query gets stuck

  public static void main(String[] args) {
          var boltUrl = "bolt+s://%s".formatted(address);
          var driver =  GraphDatabase.driver(boltUrl, AuthTokens.basic(username, password));
  
          for (int i = 1; i <= 20; i++) {
              driver.executableQuery("CREATE (:TestSource {name: $name})")
                  .withParameters(Map.of("name", "name-" + i))
                  .execute();
          }
  
          var result = driver.executableQuery("MATCH (a: TestSource) RETURN count(a) as count").execute();
          var count = result.records().get(0).get("count").asInt();
          System.out.println("Count: " + count);
          driver.close();
  }

Execution will stuck at this line var result = driver.executableQuery("MATCH (a: TestSource) RETURN count(a) as count").execute();

After doing some debugging I found that the messageDecoderCumulator property is read at this line. Since the JSM is enabled and this property is not allowed to be read the JVM throws a SecurityException and I believe the code calls here doesn't properly handle the exception and causes client to stuck. It worked after adding this line to policy file permission java.util.PropertyPermission "messageDecoderCumulator", "read";.

It's not trivial to find the cause since there is no log, I could find it after several hours 🤦

[injectives]

Hello.

Thank you for taking the time to contact us.

As you might be aware, Security Manager was deprecated in Java 17 and permanently disabled in Java 24.

Even if the line mentioned above is updated, it fails in other places. At present, Java driver does not support Security Manager and there are no plans to support it.

Thank you.