How to get current java.net.Authenticator in Java 9 without reflection.
Andrew Guibert
aguibert at us.ibm.com
Wed Mar 29 18:00:35 UTC 2017
Thanks Michael! This is precisely what I need.
Michael McMahon <michael.x.mcmahon at oracle.com> wrote on 03/29/2017 12:05:50
PM:
> From: Michael McMahon <michael.x.mcmahon at oracle.com>
> To: Andrew Guibert/Rochester/IBM at IBMUS
> Cc: jdk9-dev at openjdk.java.net
> Date: 03/29/2017 12:06 PM
> Subject: Re: How to get current java.net.Authenticator in Java 9
> without reflection.
>
> Andrew
>
> There is a new method added in 9
>
> public static Authenticator getDefault();
>
> which looks like what you need
>
> - Michael.
>
>
>
> On 29/03/2017, 17:29, Andrew Guibert wrote:
> >
> > Hello all,
> >
> > I am working on cleaning up some library dependencies of my product in
> > preparation for Java 9. One of the dependencies is Apache CXF, which
tries
> > to wrap the default java.net.Authenticator with a custom
CXFAuthenticator.
> > Currently the code uses reflection hacks to get the current
Authenticator
> > and then wrap it, which obviously doesn't fly in Java 9.
> >
> > Is there a proper way to get the current java.net.Authenticator?
> > If not, it seems like a new static method "public static Authenticator
> > Authenticator.getAuthenticator()" may be needed. Of course, there
could be
> > j2sec access checks for this, but if code has permissions to set a new
> > Authenticator, I don't see any further security issues with allowing it
to
> > read the current Authenticator.
>
More information about the jdk9-dev
mailing list