RFR: 8215916: The failure reason of an optional JAAS LoginModule is not logged
Weijun Wang
weijun at openjdk.org
Wed Jun 22 15:22:44 UTC 2022
On Wed, 22 Jun 2022 15:10:50 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Thanks you both for taking a look at this PR.
>> I will investigate further for suitable suggested changes.
>> Could you please suggest me how I can quickly check whether the changes I made are reflecting properly as expected ?
>
> There are several builtin `LoginModule` implementations inside OpenJDK. For example, you can configure both `NTLoginModule` and `UnixLoginModule` as OPTIONAL in your JAAS login configuration file. No matter if you run on Windows or Linux, one will succeed and one will fail but overall the login will succeed. You can set `-Djava.security.debug=logincontext` to see if there is information on the failed one.
Also, if you like, try writing this as a regression test. You can call `System.setErr` at the beginning to redirect the log messages to your own `ByteArrayOutputStream`, and then after restoring the original `System.err`, you can inspect the output to see if the expected log message is there. This is not necessary since the code change is not significant.
-------------
PR: https://git.openjdk.org/jdk/pull/9159
More information about the security-dev
mailing list