Review Request: loading JCE providers using ServiceLoader

Sean Mullan sean.mullan at oracle.com
Mon Aug 13 13:14:02 PDT 2012 

On 08/12/2012 04:10 PM, Alan Bateman wrote:
> On 09/08/2012 16:14, Sean Mullan wrote:
>> Please review the 2nd webrev for my code changes to enable JCE
>> providers to be
>> registered and loaded as services using the ServiceLoader API:
>>
>> http://cr.openjdk.java.net/~mullan/jigsaw/webrevs/jce-service/webrev.01/

> I think this looks much cleaner. One thing that isn't completely clear
> to me is what happens to security providers that are installed but not
> registered in the java.security file. If I read the code correctly then
> they will be loaded but just ignored because the lookup is keyed on
> class name.

Yes, see my reply to Mandy for more info.

> I looked at the exception handling (which is a hack, as you noted in the
> comments). I'm not so sure that having SCE define a method to get the
> class name of the service is the right thing to do. I think the real
> issue is that the listing the provider class names in the java.security
> file is getting in the way, forcing you to eagerly load all the
> providers so that you can match up the class name and saving any
> exceptions thrown during the loading so that you can throw them later.
> So I think what you have is fine for now but it will need to be
> re-examined, maybe after there is a way to configure the order of the
> service provider modules. If that was a way to do this and we could
> somehow migrate away listing the providers by class name in the
> java.security file then it would be a lot cleaner.

I agree. I think that would also address the SCE hack.

> Just in passing, is UOE documented anywhere? From the javadoc it looks
> like ProviderException is the only exception that may be thrown.

UOE is not documented AFAIK. If a provider's ctor throws an UOE, the 
exception is swallowed, the provider is disabled, and we will not 
attempt to load the provider again, whereas with a ProviderException, 
that exception usually will pass through to the caller (as it may be a 
configuration issue they should be made aware of and can be fixed). UOE 
is thrown by the SunPKCS11 provider in a few cases.

It seems like something that we should potentially add to the APIs.

--Sean

More information about the jigsaw-dev mailing list