Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8204622

Add configurable option for enhanced socket IOException messages

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P4 P4
    • 11
    • core-libs
    • None
    • behavioral
    • minimal
    • New security/system property, disabled by default, so no behavioral change
    • System or security property
    • JDK

      Summary

      Define a new security and system property to control enhanced exception message text for socket connect operations.

      Problem

      Developers, particularly those using third party libraries, which they do not control complain that they do not get useful information from socket connect exception messages. These messages could potentially include useful information such as the hostname and port that the socket was trying to connect to. The Java security guidelines mandate that exception texts must not include such sensitive information. The proposal is to add a switch to enable more detailed information while leaving the current behavior as the default.

      Solution

      The solution is to add a new security property of the name jdk.net.includeInExceptions which is a potentially multi valued property. Values are to be separated by commas, with no whitespace and are case insensitive. The only value to be defined at this time is "hostInfo" which will enable more detailed text for socket exceptions. A system property of the same name and specification can be set on the command line to override the security property.

      [Note, this CSR was approved. I am resubmitting it solely to change the name of the property and its possible value]

      Specification

      The following text below is to be added to the "java.security" configuration file.

       #
 # Enhanced exception message text
 #
 # By default, socket exception messages do not include potentially sensitive
 # information such as hostnames or port numbers. This property may be set to one
 # or more values, separated by commas, and with no white-space. Each value
 # represents a category of enhanced information. Values are case insensitive.
 # Currently, the only category defined is "hostInfo" which enables more detailed
 # information in the IOExceptions thrown by java.net.Socket and also the socket
 # types in the java.nio.channels package. The setting in this file can be
 # overridden by a system property of the same name and with the same syntax
 # and possible values.
 #jdk.net.includeInExceptions=hostInfo

            michaelm Michael McMahon
            michaelm Michael McMahon
            Alan Bateman, Chris Hegarty
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: