RFR: 8319332: Security properties files inclusion [v19]

Martin Balao mbalao at openjdk.org
Fri Sep 6 01:17:55 UTC 2024


On Thu, 5 Sep 2024 20:20:28 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> I don't like the silent mode. If no one uses that key name, then everything is fine anyway. Otherwise, if someone really sets it, it's very likely they will want to read it somewhere and expect a non `null` value.
>> 
>> Can we just support it as a real security property? i.e. if it appears in `java.security`, besides loading the content, we can also read it as a security property. And then we also allow it in `setProperty` and `getProperty`. I can see some behavior changes:
>> 
>> 1. If it's in `java.security` and does not point to a real file, there will be an exception.
>> 2. If it appears in an included file, the value will overwrite the previous one.
>> 
>> For 1, I don't think you want to be silent about the missing file. For 2, we can ignore it as a security property, but this becomes a little complex.
>
> I'm ok with proceeding to integrate. @wangweij do you have any further comments or concerns?
> 
> If Weijun is ok with proceeding, you will need to finalize the CSR before you can integrate. You also need to write a release note, unless I missed that.

@seanjmullan I proposed the following release note: https://bugs.openjdk.org/browse/JDK-8339636 Let me know if you would like to suggest changes. Feel free to edit the proposal yourself if more convenient.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/16483#issuecomment-2332992336

