Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4809636

Login context should work with local policy file for applets/JWS

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Duplicate
    • Icon: P3 P3
    • None
    • 1.4.1
    • security-libs



      Name: nt126004 Date: 01/28/2003


      FULL PRODUCT VERSION :
      java version "1.4.1_01"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1_01-b01)
      Java HotSpot(TM) Client VM (build 1.4.1_01-b01, mixed mode)

      FULL OPERATING SYSTEM VERSION :
      Any

      ADDITIONAL OPERATING SYSTEMS :
      All


      A DESCRIPTION OF THE PROBLEM :
      The java login context constructor should be able to accept
      the URL of a policy file containing just the single login
      context desired to be parsed, eg:

      LoginContext loginContext = new
      LoginContext(this.getClass().getResource("MyPolicy.policy"),
      "MyPolicyName", myCallbackHandler);

      This would allow applets and java web start applications to
      load a policy that is specific to the applet/web start,
      without needing to install a new Configuration manager.

      The advantage of this is that it makes it easy for a web
      server to just put all the login specific parts into a
      single file, which a third party can potentially customize
      for their particular application. Thus, the login can be
      dynamically selected at load time as appropriate.

      If it has to be in the overall login.configuration or
      login.policy file, then the end user actually needs to go to
      the applet console and configure an explicit configuration
      page. This seems undesireable.

      Even just setting the name of the file into a java system
      property (which can be done by a trusted applet), is not a
      particularly good idea, as this is global, and what is
      desired is that the login configuration file be found in the
      applet class loader (or web start class loaded.)


      REPRODUCIBILITY :
      This bug can be reproduced always.

      CUSTOMER WORKAROUND :
      Supply a user written version of Configuration. That means
      writing actual code for this, which seems a waste since the
      code to parse login configuration files is already present
      in the java runtime.
      (Review ID: 180374)
      ======================================================================

            Unassigned Unassigned
            nthompsosunw Nathanael Thompson (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: