2006/11/24, Tim Ellison <[EMAIL PROTECTED]>:
Alexey Varlamov (JIRA) wrote:
> [
http://issues.apache.org/jira/browse/HARMONY-2163?page=comments#action_12452378 ]
>
> The only consistent way to fix this (as I see) is to preload and init
Security class early, somewhere during bootstrap. OTOH this may increase bootstrap
time a bit...
> What do you think?
The problem appears to be that we don't set defaults if we cannot find
the properties file(s).
Oh, I just overlooked the practical root cause. Nice catch!
So how about we implement Security#registerDRLProviders() (maybe with a
method name change) to register:
security.provider.1=org.apache.harmony.security.provider.cert.DRLCertFactory
security.provider.2=org.apache.harmony.security.provider.crypto.CryptoProvider
security.provider.3=org.apache.harmony.xnet.provider.jsse.JSSEProvider
security.provider.4=org.bouncycastle.jce.provider.BouncyCastleProvider
Thoughts?
Tim
Well, there is a number of other sensitive keys without hardcoded
defaults, e.g. package.access, probably bunch of ssl.* keys. Therefore
I presume it should be Security#defaultConfig() then.
--
Alexey
--
Tim Ellison ([EMAIL PROTECTED])
IBM Java technology centre, UK.
