On 10/24/19 10:15 PM, Weijun Wang wrote:
I added a CSR at https://bugs.openjdk.java.net/browse/JDK-8232994, please take
a review.
My point is that not only it's useless but it also be misleading, so better
remove than ignore.
It's fine with me to remove this, but from my reading of the bug report,
the submitter was more concerned that it is underspecified as to whether
exist() will return true or false if it is not created with a keytab
file. Maybe what is also needed is a better description of how a keytab
file is found. I think that would better address the issue. In your
comment in the bug report, you actually described how that works, so I
think it would might be a good idea to add that to the KeyTab.exist()
specification.
--Sean
Thanks,
Max
On Oct 24, 2019, at 4:16 PM, Weijun Wang <weijun.w...@oracle.com> wrote:
Please review the patch below:
---
a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java
+++
b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java
@@ -303,13 +303,11 @@
/**
* Checks if the keytab file exists. Implementation of this method
* should make sure that the result matches the latest status of the
* keytab file.
- * <p>
- * The caller can use the result to determine if it should fallback to
- * another mechanism to read the keys.
+ *
* @return true if the keytab file exists; false otherwise.
* @throws SecurityException if a security manager exists and the read
* access to the keytab file is not permitted
*/
public boolean exists() {
The spec here is not clear and even our own JGSS SubjectComber looks into both
KeyTab and KerberosKey and there is no fallback of any kind.
Do you think this is worth a CSR?
Thanks,
Max
