RFR 8130648: JCK test api/java_security/AuthProvider/ProviderTests_login starts failing after JDK-7191662
Valerie Peng
valerie.peng at oracle.com
Tue Sep 22 21:31:25 UTC 2015
Hi, Sean,
Thanks for the comments, I have changed to use the <> for line 110.
For line 116-118, the difference is in the security check. With the
current changes, the new provider will need to be granted
|SecurityPermission("authProvider.name")| for the configuration call to
complete and return the new provider.
Or, one alternative is to not carrying over the callback handler if the
particular permission is not granted for the new provider?
Not sure if direct assignment/carryover would lead to anything bad,
maybe I am being too paranoid...
Thanks,
Valerie
On 9/22/2015 1:41 PM, Sean Mullan wrote:
> On 09/18/2015 08:37 PM, Valerie Peng wrote:
>> Sean,
>>
>> I have updated the webrev based on your suggestions and CCC has also
>> been filed:
>>
>> Webrev: http://cr.openjdk.java.net/~valeriep/8130648/webrev.00/
>
> SunPKCS11.java
>
> 110: can use diamond operator for anon classes now, ex:
> PrivilegedExceptionAction<>
>
> 116-118: wouldn't it be easier to do the following:
>
> 116 if (this.pHandler != null) {
> 117 newOne.pHandler = this.pHandler;
> 118 }
>
> then you don't need the catch block on lines 124-128.
>
> --Sean
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150922/96b0fb49/attachment.htm>
More information about the security-dev
mailing list