GSSCredential

Douglas Surber douglas.surber at oracle.com
Thu Jun 6 16:54:04 UTC 2019 

I built a test case. "requires static" does exactly what we need. Adding gssCredential(GSSCredential credential) to ConnectionBuilder does not require user code to include the module java.security.jgss unless they actually mention the type. So assuming {@code requires static java.security.jgss;} is added to java.sql module-info.java apps that do not use gssCredential will not require java.security.jgss in the module-path. if the app wants to use gssCredential it will have to include {@code requires java.security.jgss;} in its module-info.java. I see no reason not to add gssCredential because of any dependency.

Douglas

> On Jun 6, 2019, at 2:02 AM, Philippe Marschall <pm at netcetera.ch> wrote:
> 
> On 05.06.19 17:57, Douglas Surber wrote:
>> I believe that even if this were added to the java.sql module, users of that module would not have to use java.security.jgss unless they actually used the method. java.security.jgss would not be required either to compile against java.sql or to execute code compiled against java.sql unless the method was used. Yes, compiling java.sql would require java.security,jgss, but using the compiled code either to build or execute would not.
>> Is my understanding correct?
> 
> I don't think so. jlink allows you to build a JDK with just the transitive closure of the modules you need. This means that java.security.jgss may not be present. It is my understanding that in this case ConnectionBuilder will not load.
> 
> 
>> And regardless of whether the above is correct, if we decide not to include this method in java.sql, how should this capability be exposed in standard way? Surely the move to modules is not so restrictive as to prevent exposing such a capability when all the types in question are present in Java SE.
> 
> The issue is with exposing types on interfaces that should work when types are not present, ie. ConnectionBuilder.
> 
> I think a possible solution may include an extension mechanism on ConnectionBuilder. Something like
> 
> ConnectionBuilder credential(CredentialAccessor ca);
> 
> interface java.sql.CredentialAccessor<T> {
> 
>  T getCredential();
> 
> }
> 
> interface java.sql.GssCredentialAccessor extends java.sql.CredentialAccessor<org.ietf.jgss.GSSCredential> {
> 
> 
> }
> 
> There is probably room for improvement here but such design or similar would allow for using other credentials as well without having their types on ConnectionBuilder.
> 
> I think it is best to ask for feedback on jigsaw-dev.
> 
> Cheers
> Philippe

More information about the jdbc-spec-discuss mailing list