RFR 8047789: auth.login.LoginContext needs to be updated to work with modules

Wang Weijun weijun.wang at oracle.com
Fri Mar 20 14:39:04 UTC 2015


Please review the code changes at

   http://cr.openjdk.java.net/~weijun/8047789/webrev.03/

LoginContext is updated to use ServiceLoader to load configured LoginModules, and fallback to reflection if it cannot find one. Please notice that the fix does not include configuration of existing LoginModules since the current jdk9/dev module system does not support multiple modules implementing the same interface. Suppose it does, these 2 extra files will do the configuration:

src/jdk.security.auth/META-INF/services/javax.security.auth.spi.LoginModule 

  com.sun.security.auth.module.Krb5LoginModule
  com.sun.security.auth.module.UnixLoginModule
  com.sun.security.auth.module.JndiLoginModule
  com.sun.security.auth.module.KeyStoreLoginModule
  com.sun.security.auth.module.LdapLoginModule
  com.sun.security.auth.module.NTLoginModule

src/java.management/META-INF/services/javax.security.auth.spi.LoginModule 

  com.sun.jmx.remote.security.FileLoginModule

I am hearing that jigsaw will provide a new way for service configuration.

Compatibility issue: Before this code change, any class that includes the necessary methods (initialize, login, logout, abort, commit) can be configured as a login module, which does not necessarily implement the LoginModule interface itself. After this code change, it must implement the interface.

We might need to update the JAAS programming guide in Java SE documentation to describe the new loading mechanism.

Thanks
Max



More information about the jigsaw-dev mailing list