I would like to know more about this. As far, I can see the "java.security" provider configuration available with JDK9, it holds provider names instead of provider class names. In that case how it resolve the fall back?
Thanks, Siba -----Original Message----- From: Alan Bateman Sent: Monday, November 30, 2015 4:54 PM To: Sibabrata Sahoo; security-dev@openjdk.java.net; jigsaw-...@openjdk.java.net Subject: Re: [9] RFR:8130360: Add tests to verify 3rd party security providers if they are in signed/unsigned modular JARs On 30/11/2015 11:13, Sibabrata Sahoo wrote: > Here is the updated webrev: > http://cr.openjdk.java.net/~asmotrak/siba/8130360/webrev.02/ > > I have one question: > What should be the behavior when the older version of 3rd party JCE provider > jar file(without service descriptor "META-INF/services/*" & working with <= > JDK8) configured by "java.security" file, will be place in CLASS_PATH, > running through JDK9 and the client is using Security.getProvider() to look > for the provider? > > Currently the scenario fails to find the JCE provider. Is this right > behavior? If it is, then jdk9 is not backward compatible to find the security > provider provided through older jar files from CLASS_PATH. > The JCE work in JDK 9 (via JDK-7191662) was meant to address this point by falling back and attempting to load the class name specified via the security.provider.<N> properties in the java.security file. I'm sure Valerie can say more about this. -Alan
