RFR: 8215916: The failure reason of an optional JAAS LoginModule is not logged

Weijun Wang weijun at openjdk.org
Wed Jun 22 13:55:54 UTC 2022


On Wed, 22 Jun 2022 13:10:24 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Could you please review the changes?
>> This patch is to address: https://bugs.openjdk.org/browse/JDK-8215916?jql=labels%20%3D%20starter-bug
>
> src/java.base/share/classes/javax/security/auth/login/LoginContext.java line 887:
> 
>> 885:                             (new java.io.PrintWriter(sw));
>> 886:                     sw.flush();
>> 887:                     le = new LoginException(sw.toString());
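
Review bot: on line 887 the whole contents of sw become the LoginException message, so everything written to the PrintWriter on line 885 travels with the exception to any caller that catches, displays or logs it. Keep the exception message short and send the detailed text to the debug output instead.
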
> 
> @wangweij might have more to say, but I think you just want to dump this information using `debug.println` if debug is enabled.

I have the same suggestion as Sean. In JAAS, login could succeed even if one optional LoginModule failed, and in this case the reason for that failure is lost (even with your current fix). Logging it somewhere might help developers understand why it happened.

-------------

PR: https://git.openjdk.org/jdk/pull/9159
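
The behaviour described in the reply above, as an added example that is not part of the original message or of the JDK patch: a login that succeeds although an OPTIONAL module failed, leaving the caller with no trace of the reason. The class names `OptionalModuleDemo`, `Ok` and `Broken`, the entry name `demo` and the failure text are constructed for illustration.

```java
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class OptionalModuleDemo {
    // Hypothetical module that always authenticates successfully.
    public static class Ok implements LoginModule {
        public void initialize(Subject s, CallbackHandler h,
                               Map<String, ?> shared, Map<String, ?> opts) { }
        public boolean login() throws LoginException { return true; }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }

    // Hypothetical module that always fails, with a specific (constructed) reason.
    public static class Broken extends Ok {
        @Override public boolean login() throws LoginException {
            throw new FailedLoginException("constructed failure: keytab not readable");
        }
    }

    static AppConfigurationEntry entry(Class<?> c, LoginModuleControlFlag flag) {
        return new AppConfigurationEntry(c.getName(), flag, Map.of());
    }

    public static void main(String[] args) throws Exception {
        // In-memory JAAS configuration: the failing module is OPTIONAL,
        // the succeeding one is REQUIRED.
        Configuration conf = new Configuration() {
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] {
                    entry(Broken.class, LoginModuleControlFlag.OPTIONAL),
                    entry(Ok.class, LoginModuleControlFlag.REQUIRED)
                };
            }
        };
        LoginContext lc = new LoginContext("demo", new Subject(), null, conf);
        lc.login(); // does not throw: the REQUIRED module passed
        System.out.println("login succeeded; the OPTIONAL module's failure reason was not reported");
    }
}
```
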
