RFR: 8350689: Turn on timestamp and thread metadata by default for java.security.debug
Sean Coffey
coffeys at openjdk.org
Thu May 29 19:11:25 UTC 2025
Removal of the `+thread` and `+timestamp` options that were used to control the logging behavior of output from the `java.security.debug` system property.
To enhance the security debug logs, the thread and timestamp data should always be present. This brings it to a par with another important security debug system property, the TLS debug property: javax.net.debug. Output from the TLS `javax.net.debug` logs always contains thread and timestamp data.
This patch remove the `+thread` and `+timestamp` support code and print thread and timestamp data by default. This enancement is only proposed for the JDK feature release. Update releases can continue to opt into such data.
Debug output data from use of the `java.security.debug` property will now resemble something like the following:
properties[0x10|main|Security.java:122|2025-05-01 14:59:42.859 UTC]: Initial security property: package.definition=sun.misc.,sun.reflect.
properties[0x10|main|Security.java:122|2025-05-01 14:59:42.859 UTC]: Initial security property: krb5.kdc.bad.policy=tryLast
I've also trimmed back on some of the test case coverage since use of `+thread` and `+timestamp` options is now redundant with this patch.
-------------
Commit messages:
- Merge branch 'master' into 8350689-default-timestamps
- update system property doc
- 8350689
Changes: https://git.openjdk.org/jdk/pull/25528/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=25528&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8350689
Stats: 182 lines in 5 files changed: 14 ins; 130 del; 38 mod
Patch: https://git.openjdk.org/jdk/pull/25528.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/25528/head:pull/25528
PR: https://git.openjdk.org/jdk/pull/25528
More information about the security-dev
mailing list