On 30/11/2015 11:13, Sibabrata Sahoo wrote:
Here is the updated webrev:
http://cr.openjdk.java.net/~asmotrak/siba/8130360/webrev.02/
I have one question:
What should be the behavior when the older version of 3rd party JCE provider jar file(without service
descriptor "META-INF/services/*" & working with <= JDK8) configured by
"java.security" file, will be place in CLASS_PATH, running through JDK9 and the client is using
Security.getProvider() to look for the provider?
Currently the scenario fails to find the JCE provider. Is this right behavior?
If it is, then jdk9 is not backward compatible to find the security provider
provided through older jar files from CLASS_PATH.
The JCE work in JDK 9 (via JDK-7191662) was meant to address this point
by falling back and attempting to load the class name specified via the
security.provider.<N> properties in the java.security file. I'm sure
Valerie can say more about this.
-Alan
