Hi Max,

In general, looks fine to me. Below are a couple of comments you might want to address.

1. BasicProc.java, it might be better to use named constants for parameters for once() method. That would make it easier to understand what each particular onse() call does

+                    once(true, true, true); // pure java
+                    if (LIBNAME != null) {
+                        // save a cache for client
+                        Context.fromUserPass(USER, PASS, false)
+                                .ccache("ccache.base");
+
+ once(false, false, false); // fail fast for all native
+                        once(false, true, true);
+                        once(false, true, false);
+                        once(false, false, true);
+
+                        once(true, true, false);
+                        once(true, false, true);
+                        once(true, false, false);

Enums may help, and might make it simper as well:

+        // Just a marker for which test case is finished
+        String label = (jc?"j":"n") + (js?"j":"n") + (jb?"j":"n");

2. BasicProc.java, could you please add an exception message?

+                if (!Arrays.equals(msg, msg2)) {
+                    throw new Exception();
+                }
+                break;

3. BasicProc.java, should the test do some cleanup then?

+ Files.copy(Paths.get("ccache.base"), Paths.get("ccache." + label));

Artem

On 09/07/2017 03:07 AM, Weijun Wang wrote:
Please take a review at

    http://cr.openjdk.java.net/~weijun/8186884/webrev.00/

BasicProc.java is enhanced to use a native JGSS provider, and KDC.java is 
enhanced to start (not use) a native KDC. For example, you would be able to 
test interop among Java JGSS, native JGSS (with MIT krb5) and Heimdal KDC with

     jtreg -Dnative.krb5.lib=/usr/local/krb5/lib/libgssapi_krb5.so \
           -Dnative.kdc.path=/usr/local/heimdal \
           test/sun/security/krb5/auto/BasicProc.java

Without those 2 new system properties, it behaves like before, i.e. Java GSS on 
the embedded KDC.

Another change in Context.java. Instead of using shared states to provide 
username and password when doing a krb5 login, a callback handler is used. This 
is considered more common. An extra permission is needed to read the default 
username (though I think this can coded as optional).

Thanks
Max


Reply via email to