[9] RFR: 8048138: Tests for JAAS callbacks
Artem Smotrakov
artem.smotrakov at oracle.com
Thu Apr 23 06:18:14 UTC 2015
Hi Max,
Please see inline.
On 04/22/2015 06:24 PM, Weijun Wang wrote:
> Hi Artem
>
> In StandardCallbacks.java, you provide an array of callbacks with an
> unsupported one at the end, hoping all supported ones are processed
> before the last one fails. It is very natural for a LoginModule
> implementation to process them one by one in their original order
> (like what CustomLoginModule does) but I am not sure if this is a
> strict requirement. For example, what if it tries the last one first
> and in this case fails before trying all the others?
>
> Can you find any specification on it? Or maybe in a technote article?
Yes, the test relies on original order of callbacks. But
CustomLoginModule calls a callback handler directly, and it doesn't seem
that JAAS framework may affect the order. That's why I make the test
rely on original order of callbacks. I think it is okay for test since
we control both login module and callback handler. In real applications,
a login module and handler may be provided by independent parties, and
they should not rely on order of callback.
>
> Another one:
>
> - SharedState: If the callback handler is not used, does the
> constructor without the argument work?
The test uses DummyCallbackHandler that actually does nothing, but
actually I forgot to call a callback handler in the login modules. I
think it may be better it the test doesn't use a callback handler at
all. According to the spec, it should work fine
http://docs.oracle.com/javase/8/docs/api/javax/security/auth/login/LoginContext.html
Please see an updated webrev:
http://cr.openjdk.java.net/~asmotrak/8048138/webrev.01/
Artem
>
> Thanks
> Max
>
> On 4/21/2015 10:22 PM, Artem Smotrakov wrote:
>> Hello,
>>
>> Please review a couple of new tests for JAAS:
>> - StandardCallbacks.java is for standard JAAS callbacks (except
>> RealmCallback and RealmChoiceCallback since the test is not about Sasl,
>> and actually those two callback extends ChoiceCallback which is used in
>> the test)
>> - SharedState.java checks if a shared state is passed to login modules
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8048138
>> Webrev: http://cr.openjdk.java.net/~asmotrak/8048138/webrev.00/
>>
>> Artem
More information about the security-dev
mailing list