Review Request: loading JCE providers using ServiceLoader
Sean Mullan
sean.mullan at oracle.com
Tue Aug 14 07:30:15 PDT 2012
On 8/14/12 5:30 AM, Alan Bateman wrote:
> On 13/08/2012 20:17, Sean Mullan wrote:
>>
>> I thought about doing that, just adding them on to the end. But there
>> are a few other subtle issues. Right now, if you want to use a JCE
>> provider that isn't registered, you instantiate it directly (as I
>> showed above). Or you could also instantiate it and use the
>> Security.addProvider or insertProviderAt methods to add it to the list
>> of registered providers. There are apps doing that today. That code
>> may break (addProvider will return -1) if we automatically registered
>> all JCE providers that were found by ServiceLoader. So I would rather
>> hold off on this and address it later with the ordering of providers.
>> We may need to adjust what it actually means for a JCE provider to be
>> installed:
> I think it would make sense to add them at the end. One could imagine
> calling Signature.getInstance(algorithm) and the implementation would
> iterate over the configured providers and if none of them support the
> algorithm then it will move onto the other installed providers looking
> for one that supports this algorithm.
>
> On the dynamic registration via Security.addProvider then I would think
> it should be an error for someone to install the provider as a service
> provider module and also attempts to register it themselves (and to
> register it themselves would require they have some means to instantiate
> it, suggesting it exports an API for that). It may be that bundled
> providers intended to be dynamically registered just don't declare
> themselves as services.
>
> So I think it would be good to re-visit this, not critical for the
> initial push of course.
Ok, that's good. It's a bit more work to make providers not configured in
java.security available by default -- it will require more surgery to the
sun.security.jca classes, so I'd rather do this later.
I've created a new CR to track the issues we should look at later:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7191104
--Sean
More information about the jigsaw-dev
mailing list