On Thu, 7 Mar 2024 11:57:07 GMT, Sean Coffey <coff...@openjdk.org> wrote:
>> Proposal to improve the `java.security.debug` output so that options exist
>> to add thread ID, thread name, source of log record and a timestamp
>> information to the output.
>>
>> examples:
>> format without patch :
>>
>>
>> properties: Initial security property:
>> package.definition=sun.misc.,sun.reflect.
>> properties: Initial security property: krb5.kdc.bad.policy=tryLast
>> keystore: Creating a new keystore in PKCS12 format
>>
>>
>> format with thread info included:
>>
>>
>> properties[10|main|Security.java:122]: Initial security property:
>> package.definition=sun.misc.,sun.reflect.
>> properties[10|main|Security.java:122]: Initial security property:
>> krb5.kdc.bad.policy=tryLast
>> keystore[10|main|KeyStoreDelegator.java:216]: Creating a new keystore in
>> PKCS12 format
>>
>>
>> format with thread info and timestamp:
>>
>>
>> properties[10|main|Security.java:122|2024-03-01 14:59:42.859 UTC]: Initial
>> security property: package.definition=sun.misc.,sun.reflect.
>> properties[10|main|Security.java:122|2024-03-01 14:59:42.859 UTC]: Initial
>> security property: krb5.kdc.bad.policy=tryLast
>>
>>
>> It's a similar format to what can be seen when the TLS (javax.net.debug)
>> debug logging option is in use
>>
>> current proposal is to keep the thread and timestamp information off (make
>> it opt in)
>>
>> The extra decorator info is controlled by appending option to each component
>> specified in the `"java.security.debug"` option list.
>>
>> e.g
>>
>> `-Djava.security.debug=properties+timestamp+thread` turns on logging for the
>> `properties` component and also decorates the records with timestamp and
>> thread info
>>
>> -Djava.security.debug=properties+thread+timestamp,keystore would decorate
>> the `properties` component but no decorating performed for the `keystore
>> `component.
>
> Sean Coffey has updated the pull request incrementally with one additional
> commit since the last revision:
>
> use default hex output
Marked as reviewed by mullan (Reviewer).
src/java.base/share/classes/sun/security/util/Debug.java line 80:
> 78: if (commaIndex == -1) commaIndex = args.length();
> 79: threadInfoAll = args.substring(beginIndex,
> commaIndex).contains("+thread");;
> 80: timeStampInfoAll = args.substring(beginIndex,
> commaIndex).contains("+timestamp");;
extra semi-colon at end of line.
src/java.base/share/classes/sun/security/util/Debug.java line 125:
> 123: System.err.println(" a timestamp for that debug
> option");
> 124: System.err.println("+thread can be appended to any of above
> options to print");
> 125: System.err.println(" thread information for that
> debug option");
How about mentioning caller too? "thread and caller information ..."
-------------
PR Review: https://git.openjdk.org/jdk/pull/18084#pullrequestreview-1943766266
PR Review Comment: https://git.openjdk.org/jdk/pull/18084#discussion_r1528992108
PR Review Comment: https://git.openjdk.org/jdk/pull/18084#discussion_r1528988533
