Code review request 8023230, The impl of KerberosClientKeyExchange maybe not exist

Xuelei Fan xuelei.fan at oracle.com
Mon Aug 19 18:24:25 PDT 2013


new webrev: http://cr.openjdk.java.net/~xuelei/8023230/webrev.01/

On 8/19/2013 9:53 PM, Weijun Wang wrote:
> Only one change I don't understand:
> 
>   73     public KerberosClientKeyExchange() {
>   74         if (impl == null) {
>   75             throw new IllegalStateException("Kerberos is
> unavailable");
>   76         }
>   77     }
> 
> It seems this constructor will be automatically called when constructing
> an instance of its child class -- KerberosClientKeyExchangeImpl. Isn't
> that impl itself? There seems to be a chicken-or-egg puzzle here.
> 
Good catch.  It's a weird link between KerberosClientKeyExchangeImpl and
KerberosClientKeyExchange.

Then I would like to restrict the use of this constructor, and declare
it as protected.   See above webrev.

> Also, did you really spot a failure when KerberosClientKeyExchangeImpl
> does not exist?
> 
Not really.  But that's the purpose of existence of
KerberosClientKeyExchangeImpl.  Krb5 implementation should be able to be
removed from jsse.jar.

Thanks,
Xuelei

> Thanks
> Max
> 
> 
> On 8/19/13 8:49 PM, Xuelei Fan wrote:
>> Hi Weijun,
>>
>> Please review this update when you are available.
>>
>> webrev: http://cr.openjdk.java.net/~xuelei/8023230/webrev.00/
>>
>> If package sun.security.ssl.krb5 does not exist, the impl of
>> KerberosClientKeyExchange (krb5.KerberosClientKeyExchangeImpl) will not
>> present as well. Need to consider this case in the implementation of
>> sun.security.ssl.KerberosClientKeyExchange.
>>
>> Thanks,
>> Xuelei
>>



More information about the security-dev mailing list