Re: [9] RFR: 8048138: Tests for JAAS callbacks

Wed, 22 Apr 2015 23:21:07 -0700 

Hi Max,

Please see inline.

On 04/22/2015 06:24 PM, Weijun Wang wrote:

Hi Artem
In StandardCallbacks.java, you provide an array of callbacks with an unsupported one at the end, hoping all supported ones are processed before the last one fails. It is very natural for a LoginModule implementation to process them one by one in their original order (like what CustomLoginModule does) but I am not sure if this is a strict requirement. For example, what if it tries the last one first and in this case fails before trying all the others? 

Can you find any specification on it? Or maybe in a technote article?
Yes, the test relies on original order of callbacks. But CustomLoginModule calls a callback handler directly, and it doesn't seem that JAAS framework may affect the order. That's why I make the test rely on original order of callbacks. I think it is okay for test since we control both login module and callback handler. In real applications, a login module and handler may be provided by independent parties, and they should not rely on order of callback. 

Another one:
- SharedState: If the callback handler is not used, does the constructor without the argument work?
The test uses DummyCallbackHandler that actually does nothing, but actually I forgot to call a callback handler in the login modules. I think it may be better it the test doesn't use a callback handler at all. According to the spec, it should work fine 

http://docs.oracle.com/javase/8/docs/api/javax/security/auth/login/LoginContext.html

Please see an updated webrev:

http://cr.openjdk.java.net/~asmotrak/8048138/webrev.01/

Artem


Thanks
Max

On 4/21/2015 10:22 PM, Artem Smotrakov wrote:

Hello,

Please review a couple of new tests for JAAS:
- StandardCallbacks.java is for standard JAAS callbacks (except
RealmCallback and RealmChoiceCallback since the test is not about Sasl,
and actually those two callback extends ChoiceCallback which is used in
the test)
- SharedState.java checks if a shared state is passed to login modules

Bug: https://bugs.openjdk.java.net/browse/JDK-8048138
Webrev: http://cr.openjdk.java.net/~asmotrak/8048138/webrev.00/

Artem

Reply via email to