8200400: Restrict Sasl mechanisms
Sean Mullan
sean.mullan at oracle.com
Mon May 6 18:06:11 UTC 2019
On 5/5/19 1:06 AM, Weijun Wang wrote:
> Please take a review at
>
> https://cr.openjdk.java.net/~weijun/8200400/webrev.01/
The java.security property description is not up-to-date with the CSR.
Also, we don't support a system property override in the other
jdk.*.disabled properties. So I don't think we should add that unless or
until we see a need for it.
In Sasl.java, can we log or add some debug information if a mechanism is
disabled? Otherwise it can be hard to debug.
--Sean
> There is a CSR at
>
> https://bugs.openjdk.java.net/browse/JDK-8214331
>
> Thanks,
> Max
>
More information about the security-dev
mailing list