RFR 8130648: JCK test api/java_security/AuthProvider/ProviderTests_login starts failing after JDK-7191662

Valerie Peng valerie.peng at oracle.com
Tue Sep 22 21:31:25 UTC 2015


Hi, Sean,

Thanks for the comments, I have changed to use the <> for line 110.
For line 116-118, the difference is in the security check. With the 
current changes, the new provider will need to be granted 
|SecurityPermission("authProvider.name")| for the configuration call to 
complete and return the new provider.

Or, one alternative is to not carrying over the callback handler if the 
particular permission is not granted for the new provider?
Not sure if direct assignment/carryover would lead to anything bad, 
maybe I am being too paranoid...

Thanks,
Valerie


On 9/22/2015 1:41 PM, Sean Mullan wrote:
> On 09/18/2015 08:37 PM, Valerie Peng wrote:
>> Sean,
>>
>> I have updated the webrev based on your suggestions and CCC has also
>> been filed:
>>
>> Webrev: http://cr.openjdk.java.net/~valeriep/8130648/webrev.00/
>
> SunPKCS11.java
>
> 110: can use diamond operator for anon classes now, ex: 
> PrivilegedExceptionAction<>

>
> 116-118: wouldn't it be easier to do the following:
>
> 116             if (this.pHandler != null) {
> 117                 newOne.pHandler = this.pHandler;
> 118             }
>
> then you don't need the catch block on lines 124-128.
>
> --Sean
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150922/96b0fb49/attachment.htm>


More information about the security-dev mailing list