On Wed, 20 Oct 2021 13:35:22 GMT, Martin Balao <mba...@openjdk.org> wrote:
> I'd like to propose a fix for JDK-8275535. This fix reverts the behavior to > the state previous to JDK-8160768, where an authentication failure stops from > trying other LDAP servers with the same credentials [1]. After JDK-8160768 we > have 2 possible loops to stop: the one that iterates over different URLs and > the one that iterates over different endpoints (after a DNS query that > returns multiple values). > > No test regressions observed in jdk/com/sun/jndi/ldap. > > -- > [1] - https://hg.openjdk.java.net/jdk/jdk/rev/a609d549992a#l2.137 The concerns are two folds: - without a regression test, you have to trust that the source changes actually work, and there's typically no verification possible - without a regression test, the next refactoring change in this area two years from now could undo the fix and nobody would notice I agree that the changes seem safe and given the history seem to be doing what the fix/PR says they do, so I'd be more concerned with the latter. So if it's practical to add a test I'd rather have one. If the behavior is too hard to test - then the appropriate keyword would be `noreg-hard` rather than `noreg-trivial` (I am not sure trivial actually qualifies here - I can see no obvious flaw but I'm not sure we can say that there are obviously no flaws - or that a flaw would become obvious to future maintainers if that code was refactored in a way that removed the fix). ------------- PR: https://git.openjdk.java.net/jdk/pull/6043
