Re: RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

Thu, 19 Jan 2017 14:27:06 -0800 

Hi Max, just one nit for JDK-8044085:
The release note is one sentence, but it is a bit of a run-on. It might be worth breaking it up into two sentences, the first for the description and the second containing the example. 

Aside from that they look good to me.

--Jamil


On 1/18/2017 6:40 PM, Weijun Wang wrote:

Hi All


Please review the following release notes. For each one, I've listed 
the JBS URL for the release-note task, the original bug (in 
parentheses), the synopsis, and the intended release note text:


https://bugs.openjdk.java.net/browse/JDK-8173011
(https://bugs.openjdk.java.net/browse/JDK-8029995)
accept yes/no for boolean krb5.conf settings

   krb5.conf now accepts "yes" or "no" for boolean-valued settings.

https://bugs.openjdk.java.net/browse/JDK-8173012
(https://bugs.openjdk.java.net/browse/JDK-8044085)
Access ExtendedGSSContext.inquireSecContext() result through SASL


   The output of `ExtendedGSSContext.inquireSecContext()` is now 
available as negotiated properties for the SASL GSSAPI mechanism using 
the name "com.sun.security.jgss.inquiretype.<type_name>", where 
"type_name" is the string form of the `InquireType` enum parameter in 
lower case, for example, 
"com.sun.security.jgss.inquiretype.krb5_get_session_key_ex" for the 
session key of an established Kerberos 5 security context.


https://bugs.openjdk.java.net/browse/JDK-8173014
(https://bugs.openjdk.java.net/browse/JDK-8047789)
auth.login.LoginContext needs to be updated to work with modules


   After this change, besides including the necessary methods 
(`initialize`, `login`, `logout`, `commit`, `abort`), any login module 
must implement the `LoginModule` interface. Otherwise a 
`LoginException` will thrown when the login module is used.


https://bugs.openjdk.java.net/browse/JDK-8173015
(https://bugs.openjdk.java.net/browse/JDK-8056174)
New APIs for jar signing


   A new `jdk.security.jarsigner.JarSigner` API is added to the 
`jdk.jartool` module which can be used to sign a jar file.


https://bugs.openjdk.java.net/browse/JDK-8173016
(https://bugs.openjdk.java.net/browse/JDK-8147400)
Deprecate policytool

   The policytool is moved to the `jdk.policytool` and deprecated.

https://bugs.openjdk.java.net/browse/JDK-8173017
(https://bugs.openjdk.java.net/browse/JDK-8157848)
Deprecate the javax.security.auth.Policy API with forRemoval=true


   The `javax.security.auth.Policy` class has been deprecated since 
JDK 1.4 and superseded/replaced by java.security.Policy. It is now 
marked `forRemoval=true` and will be removed in a future release.


Thanks
Max
























					Reply via email to