RFE Review : JDK-5016517 - Replace plaintext passwords by hashed passwords for out-of-the-box JMX Agent
mandy chung
mandy.chung at oracle.com
Wed Nov 8 03:59:54 UTC 2017
On 11/7/17 9:04 AM, Harsha Wardhana B wrote:
>
> Hi Mandy,
>
> To summarize the changes,
>
> 1. The header will not contain the file modification timestamp.
> Instead when the password file is modified, a debug log will be
> printed. The log will contain the timestamp.
>
> 2. The password file is now protected from concurrent writes from
> within the JVM.
>
> 3. HashedPasswordManager.authenticate accepts char[] for password
> instead of String.
>
Thanks for this. That helps.
> Header will be inserted. Apart from that all the comments will be
> retained.
I think this header can also be taken out. The comment may already be
copied from the template or deleted on purpose.
>> Also log a message when the file is overridden - we didn't discuss
>> the format but I think it should include the pathname of the file and
>> the role name of the overridden entries (should it be info level?).
>> line 308-311 is debug message - is that the one?
> I guess this wasn't discussed. We just output a debug log saying the
> file is overwritten. File name can be mentioned in the log.
INFO log message seems more appropriate.
Mandy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/serviceability-dev/attachments/20171107/622fedc9/attachment-0001.html>
More information about the serviceability-dev
mailing list