RFR: 8290367: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property [v2]

Aleksei Efimov aefimov at openjdk.org
Fri Sep 9 16:55:46 UTC 2022


On Fri, 9 Sep 2022 15:29:22 GMT, Roger Riggs <rriggs at openjdk.org> wrote:

> Is the case of -Dcom.sun.jndi.ldap.object.trustSerialData (w/o a value) well defined.

Deserialization and reconstruction of Java objects are only allowed when the system property is set to "true". That's how its defined in `java.naming` module info:

> "To allow the deserialization or reconstruction of java objects from {@code javaSerializedData},
> {@code javaRemoteLocation} or {@code javaReferenceAddress} attributes,
> the system property value can be set to {@code true}"
> 

Other values and no value do not allow deserialization and reconstruction.

> Does it need a test.

Yes - I've updated the test with additional `run` tag with no value set for `com.sun.jndi.ldap.object.trustSerialData`, also fixed the indentation in jtreg header.

-------------

PR: https://git.openjdk.org/jdk/pull/10228


More information about the core-libs-dev mailing list