RFR: 8301260: Add system property to toggle XML Signature secure validation mode
Sean Coffey
coffeys at openjdk.org
Thu Feb 2 17:03:35 UTC 2023
On Wed, 1 Feb 2023 14:46:28 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> This change adds a system property that can be used to enable/disable the XML Signature secure validation mode. This is useful for enabling/disabling the mode at runtime. The system property will supersede and have the same name as the XMLCryptoContext property that can be used to enable/disable the mode: "org.jcp.xml.dsig.secureValidation".
src/java.base/share/conf/security/java.security line 953:
> 951: # "false". Any other value for the system property is also treated as "false".
> 952: # If the system property is set, it supersedes the XMLCryptoContext property
> 953: # value.
is is necessary to state (hint) that the system property is read once at class load time ?
test/jdk/javax/xml/crypto/dsig/SecureValidationSystemProperty.java line 38:
> 36: * @library /test/lib
> 37: * @run main/othervm -Dorg.jcp.xml.dsig.secureValidation=false SecureValidationSystemProperty
> 38: */
the jtreg syntax seems to be repeated here.
-------------
PR: https://git.openjdk.org/jdk/pull/12365
More information about the security-dev
mailing list