RFR: 8215916: The failure reason of an optional JAAS LoginModule is not logged [v16]
Weijun Wang
weijun at openjdk.org
Mon Aug 22 12:42:53 UTC 2022
On Mon, 22 Aug 2022 08:33:54 GMT, Jayashree Huttanagoudar <duke at openjdk.org> wrote:
>> test/jdk/javax/security/auth/login/LoginContext/OptionalJaas/UnixNTPlatform.java line 69:
>>
>>> 67: ByteArrayOutputStream stream = new ByteArrayOutputStream();
>>> 68: PrintStream ps = new PrintStream(stream);
>>> 69: System.setErr(ps);
>>
>> Store `System.err` in a local variable so you can call `System.setErr(oldSystemErr)` in a `finally` clause of the `try` block at line 71 below..
>
> Ok. But at present I am not getting why we should do this :)
> I mean, is it going to improvise something or helpful ?
The exception thrown on line 83 is meant to be observed by the user. Only the `login()` exception needs to be captured for content inspection.
If all exceptions are captured, people might be wondering where the test fails (before the fix) since the test output has no hint on it.
>> test/jdk/javax/security/auth/login/LoginContext/OptionalJaas/UnixNTPlatform.java line 85:
>>
>>> 83: throw new RuntimeException();
>>> 84: } else {
>>> 85: System.out.printf("-- call stack is -- %n%s%n", s);
>>
>> I'd rather print out the call stack if the test fails. Who would want to read the test output if it succeeds?
>
> Aim of this patch is to print the call stack trace right ? And if the test case passes that means we have to print the call stack trace.
> And if the test case fails are suggesting to print the exception we are throwing (i.e RuntimeException) ?
Aim of the fix is to print out the call stack, and the aim of the test is to ensure it's correctly printed. When the test fails, it's necessary to see what was printed so people can check where the problem is. For example, someone in the future might casually simplify the message to "Failed to import the underlying" and this test will fail. Without the content it's not easy to find out what goes wrong.
I'm not against printing out the call stack when the test succeeds. I just feel it's more useful if it fails.
-------------
PR: https://git.openjdk.org/jdk/pull/9159
More information about the security-dev
mailing list