RFR: 8311532: Option to disable Krb5LoginModule::login method
Eirik Bjorsnos
duke at openjdk.org
Mon Aug 14 19:57:06 UTC 2023
On Mon, 14 Aug 2023 19:36:41 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> Naming, of course, can be discussed and changed.
Yes, naming is hard :-)
> I've tried to make different naming for the System property and configuration option, so they are not messed up.
I would think having two different names for essentially the same think (just different scopes) would make it easier to mess things up?
If consistency with `doNotPrompt` is important, would it not be better to have:
`doNotLogin` for the configuration option and
`sun.security.auth.doNotLogin` for the system property?
I'm not sure using different names here would reduce the risk of mistakes. But my guess is as good as yours. Is there precedence for doing it this way?
One could claim that this is non-important details, but I think getting it right here can help prevent misconfigurations.
My opinions here are weakly held. Perhaps some other reviewers could chime in?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/15254#issuecomment-1677969931
More information about the security-dev
mailing list