The effects of invalid values of `jdk.serialFilter` and `jdk.serialFilterFactory` properties are incompletely specified. The behavior for invalid values of the properties is different and use an unconventional exception type, `ExceptionInInitializerError` and leave the `OIF.Config` class uninitialized.
The exceptions in the `ObjectInputFilter.Config` class initialization caused by invalid values of the two properties, either by system properties supplied on the command line or security properties are logged. The `Config` class marks either or both the filter and filter factory values as unusable and remembers the exception message. Subsequent calls to the methods that get or set the filter or filter factory or create an `ObjectInputStream` throw `java.lang.IllegalStateException` with the remembered exception message. Constructing an `ObjectInputStream` calls both `Config.getSerialFilter` and `Config.getSerialFilterFactory`. The nature of the invalid property is reported as an `IllegalStateException` on first use. This PR supercedes https://github.com/openjdk/jdk/pull/6508 Document that setting an invalid property jdk.serialFilter disables deserialization ------------- Commit messages: - 8278087: Redesign exceptions thrown for invalid jdk.serialFilter and jdk.serialFilterFactory. Changes: https://git.openjdk.java.net/jdk/pull/6645/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6645&range=00 Issue: https://bugs.openjdk.java.net/browse/JDK-8278087 Stats: 218 lines in 4 files changed: 137 ins; 15 del; 66 mod Patch: https://git.openjdk.java.net/jdk/pull/6645.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/6645/head:pull/6645 PR: https://git.openjdk.java.net/jdk/pull/6645