Review Request: loading JCE providers using ServiceLoader

[Paul Sandoz]

On Jul 26, 2012, at 8:45 AM, Sean Mullan wrote:

> On 7/24/12 8:29 PM, Alan Bateman wrote:
>> On 24/07/2012 18:29, Sean Mullan wrote:
>>> 
>>> It's plausible we should automatically add all the Providers available
>>> as services to the list of registered providers.
>> I think this would make sense because they are otherwise not accessible
>> if they aren't listed in the java.security file (and the approach to
>> instantiate them directly will not work in module because
>> sun.security.pkcs11 and the other sun.* packages are not exported).
> 
> Yes, though I'd like to hold off on this until we explore further adding the capability to ServiceLoader to order services; otherwise I don't know what order to put these services in. Once that is in place, then we don't really need to look at the java.security file at all.
> 

Decentralized ordering is hard. So i think, especially for security, there will need to be some centralized declaration of order of service provider classes. Perhaps this does not require declaration of all such classes, just those that need to be ordered, the order of those not declared is undefined, and depending on the application may or may not be visible when iterating over service instances.

In module mode i suppose ordering could be declared by configuring the library. But i think we require this to work in classpath mode and module mode if you want to get rid of the security specific file declaring order.


> Also, in general this isn't an issue right now since all of the providers we include in the JDK are configured by default in the java.security file, except for SunPKCS11 which is only configured by default on Solaris. But SunPKCS11 is a problem anyway because it requires a config file as input, so we still need to figure out a better way to address that so that it can be loaded as a service. We may still have to have some dependency on the java.security file.
> 

A level of indirection might work here.

Paul.