Openj9: JTreg security test fails due to unexpected 401 return code from test server
Test test8077155 of test/jdk/sun/security/krb5/auto/HttpNegotiateServer.java fails with the following exception stack when run against OpenJ9. No such error occurs when run against Hotspot ...
Expecting to succeed when executing with the the logged in subject.
GSSException: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null)))
at java.security.jgss/sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:453)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196)
at java.security.jgss/sun.net.www.protocol.http.spnego.NegotiatorImpl.init(NegotiatorImpl.java:108)
at java.security.jgss/sun.net.www.protocol.http.spnego.NegotiatorImpl.<init>(NegotiatorImpl.java:117)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at java.base/sun.net.www.protocol.http.Negotiator.getNegotiator(Negotiator.java:65)
at java.base/sun.net.www.protocol.http.NegotiateAuthentication.firstToken(NegotiateAuthentication.java:234)
at java.base/sun.net.www.protocol.http.NegotiateAuthentication.setHeaders(NegotiateAuthentication.java:209)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getServerAuthentication(HttpURLConnection.java:2564)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1755)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1501)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1499)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:904)
at java.base/java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:946)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:293)
at HttpNegotiateServer$3.run(HttpNegotiateServer.java:381)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:732)
at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
at HttpNegotiateServer.test8077155(HttpNegotiateServer.java:390)
at HttpNegotiateServer.main(HttpNegotiateServer.java:237)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:115)
at java.base/java.lang.Thread.run(Thread.java:825)
Caused by: GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:344)
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:145)
at java.security.jgss/sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:126)
at java.security.jgss/sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:191)
at java.security.jgss/sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:218)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
at java.security.jgss/sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196)
at java.security.jgss/sun.security.jgss.spnego.SpNegoContext.GSS_initSecContext(SpNegoContext.java:882)
at java.security.jgss/sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:316)
... 30 more
Caused by: javax.security.auth.login.LoginException: No password provided
at jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:896)
at jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:737)
at jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:592)
at java.base/javax.security.auth.login.LoginContext.invoke(LoginContext.java:726)
at java.base/javax.security.auth.login.LoginContext$4.run(LoginContext.java:665)
at java.base/javax.security.auth.login.LoginContext$4.run(LoginContext.java:663)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:732)
at java.base/javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:663)
at java.base/javax.security.auth.login.LoginContext.login(LoginContext.java:574)
at java.security.jgss/sun.security.jgss.GSSUtil.login(GSSUtil.java:258)
at java.security.jgss/sun.security.jgss.krb5.Krb5Util.getTicket(Krb5Util.java:158)
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:336)
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:332)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:696)
at java.security.jgss/sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:331)
... 38 more
java.lang.RuntimeException: java.io.IOException: Server returned HTTP response code: 401 for URL: http://host.web.domain:39824/a/b/c
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:302)
at HttpNegotiateServer$3.run(HttpNegotiateServer.java:381)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:732)
at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
at HttpNegotiateServer.test8077155(HttpNegotiateServer.java:390)
at HttpNegotiateServer.main(HttpNegotiateServer.java:237)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:115)
at java.base/java.lang.Thread.run(Thread.java:825)
Caused by: java.io.IOException: Server returned HTTP response code: 401 for URL: http://host.web.domain:39824/a/b/c
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1913)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1501)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1499)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:904)
at java.base/java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:946)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:293)
... 11 more
java.lang.RuntimeException: Test error
at HttpNegotiateServer.main(HttpNegotiateServer.java:244)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:115)
at java.base/java.lang.Thread.run(Thread.java:825)
The unexpected 401 response code is returned from the test server despite using the correct username and password to authenticate.
This is a regression test added alongisde the fix that went in for this OpenJDK bug - https://bugs.openjdk.java.net/browse/JDK-8077155
OpenJ9 build tested with ...
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment AdoptOpenJDK (build 11+28-201809231808)
Eclipse OpenJ9 VM AdoptOpenJDK (build master-38a825c3, JRE 11 Linux amd64-64-Bit Compressed References 20180923_22 (JIT enabled, AOT enabled)
OpenJ9 - 38a825c3
OMR - fcbe08d1
JCL - afdb7423f7 based on jdk-11+28)
Hotspot build test with ...
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11+28)
OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
Full archive of JTreg logs :
HNSFailure.tar.gz
ben-walsh
All 26 comments
Will take a look at it
hangshao0
on 24 Sep 2018
👍2
Do you know if OpenJ9 ever pass this test ? @ben-walsh
hangshao0
on 24 Sep 2018
Probably not, this is the first attempt at Java 11 testing. You could try other versions of Java.
pshipton
on 24 Sep 2018
This test failed due to the falling call returning null
hangshao0
on 24 Sep 2018
Also failed on OpenJ9 Java 8.
hangshao0
on 24 Sep 2018
@hangshao0 Potentially not. Reason this group of tests including this one is being run, is because a couple of them were adapted for TLS 1.3 support for Java 11 and it was a small additional effort to run the entire group under the Java 11 testing.
ben-walsh
on 25 Sep 2018
Compared the passing and failing outputs, didn't find any clue,
hangshao0
on 25 Sep 2018
Note: the security code in question all from OpenJDK, there was no J9 security code involved.
@hangshao0 could you post the exception within the test output from both J9 and RI and elaborate the difference?
JasonFengJ9
on 25 Sep 2018
I see trace points:
19:51:16.221 0x9d4a00 mt.0 > javax/security/auth/callback/PasswordCallback.setPassword([C)V bytecode method, this = 0xfff8e030
19:51:16.221 0x9d4a00 mt.18 - this: javax/security/auth/callback/PasswordCallback@00000000FFF8E030 method arguments: ([C@00000000E01111E8)
19:51:16.221 0x9d4a00 mt.6 < javax/security/auth/callback/PasswordCallback.setPassword([C)V bytecode method
19:51:16.221 0x9d4a00 mt.0 > javax/security/auth/callback/PasswordCallback.getPassword()[C bytecode method, this = 0xfff8e030
19:51:16.221 0x9d4a00 mt.18 - this: javax/security/auth/callback/PasswordCallback@00000000FFF8E030 method arguments: ()
19:51:16.221 0x9d4a00 mt.6 < javax/security/auth/callback/PasswordCallback.getPassword()[C bytecode method
19:51:16.221 0x9d4a00 mt.28 - return value: [C@00000000FFF91840
Expecting to succeed when executing with the the logged in subject.
19:51:16.548 0x9d4a00 mt.0 > javax/security/auth/callback/PasswordCallback.setPassword([C)V bytecode method, this = 0xffe27208
19:51:16.548 0x9d4a00 mt.18 - this: javax/security/auth/callback/PasswordCallback@00000000FFE27208 method arguments: (null)
19:51:16.548 0x9d4a00 mt.6 < javax/security/auth/callback/PasswordCallback.setPassword([C)V bytecode method
19:51:16.548 0x9d4a00 mt.0 > javax/security/auth/callback/PasswordCallback.getPassword()[C bytecode method, this = 0xffe27208
19:51:16.548 0x9d4a00 mt.18 - this: javax/security/auth/callback/PasswordCallback@00000000FFE27208 method arguments: ()
19:51:16.548 0x9d4a00 mt.6 < javax/security/auth/callback/PasswordCallback.getPassword()[C bytecode method
19:51:16.548 0x9d4a00 mt.28 - return value: null
Password was initially set to correct value, then it is set to null.
hangshao0
on 25 Sep 2018
The call stack that overwrites the initial password to null is:
at javax.security.auth.callback.PasswordCallback.setPassword(PasswordCallback.java:111)
at sun.net.www.protocol.http.spnego.NegotiateCallbackHandler.handle(NegotiateCallbackHandler.java:101)
at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:892)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:737)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:592)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:726)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:665)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:663)
at java.security.AccessController.doPrivileged(AccessController.java:732)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:663)
at javax.security.auth.login.LoginContext.login(LoginContext.java:574)
at sun.security.jgss.GSSUtil.login(GSSUtil.java:258)
at sun.security.jgss.krb5.Krb5Util.getTicket(Krb5Util.java:158)
at sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:336)
at sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:332)
at java.security.AccessController.doPrivileged(AccessController.java:696)
at sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:331)
at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:145)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:126)
at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:191)
at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:218)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196)
at sun.security.jgss.spnego.SpNegoContext.GSS_initSecContext(SpNegoContext.java:882)
at sun.security.jgss.spnego.SpNegoContext.initSecContext(SpNegoContext.java:316)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196)
at sun.net.www.protocol.http.spnego.NegotiatorImpl.init(NegotiatorImpl.java:108)
at sun.net.www.protocol.http.spnego.NegotiatorImpl.<init>(NegotiatorImpl.java:117)
at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(NativeConstructorAccessorImpl.java:-2)
at jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:490)
at sun.net.www.protocol.http.Negotiator.getNegotiator(Negotiator.java:65)
at sun.net.www.protocol.http.NegotiateAuthentication.firstToken(NegotiateAuthentication.java:234)
at sun.net.www.protocol.http.NegotiateAuthentication.setHeaders(NegotiateAuthentication.java:209)
at sun.net.www.protocol.http.HttpURLConnection.getServerAuthentication(HttpURLConnection.java:2564)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1755)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1501)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1499)
at java.security.AccessController.doPrivileged(AccessController.java:904)
at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:946)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:293)
at HttpNegotiateServer$3.run(HttpNegotiateServer.java:381)
at java.security.AccessController.doPrivileged(AccessController.java:732)
at javax.security.auth.Subject.doAs(Subject.java:423)
at HttpNegotiateServer.test8077155(HttpNegotiateServer.java:390)
at HttpNegotiateServer.main(HttpNegotiateServer.java:237)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java:-2)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:566)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
at java.lang.Thread.run(Thread.java:825)
/**
* To be compatible with existing callback handler implementations,
* when the underlying Authenticator is canceled, username and
* password are assigned null. No exception is thrown.
*/
if (passAuth != null) {
username = passAuth.getUserName();
password = passAuth.getPassword();
}
Try using the java debugger to step through the code and see why the password gets set to null,
pshipton
on 26 Sep 2018
Tested on RI, Password will only be set once (to the correct value).
I have compared the parameters passed to javax.security.auth.Subject.doAs(), they are essentially the same. The difference is that OpenJ9 calls into PasswordCallback.setPassword() from javax.security.auth.Subject.doAs() and RI does not.
hangshao0
on 26 Sep 2018
Where does the null password come from? i.e. does the PasswordAuthentication instance come back as null in the NegotiateCallbackHandler.handle() call? How does the valid password get set? Basically where does OpenJ9 start to differ in the code being run from what the RI is doing?
pshipton
on 26 Sep 2018
does the PasswordAuthentication instance come back as null in the NegotiateCallbackHandler.handle() call?
From the trace points, I don't see the call to getPassword() after requestPasswordAuthenticationInstance(), so PasswordAuthentication instance in null.
18:27:50.173 0x16d2a00 mt.0 > java/net/Authenticator.requestPasswordAuthenticationInstance(Ljava/lang/String;Ljava/net/InetAddress;ILjava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/net/URL;Ljava/net/Authenticator$RequestorType;)Ljava/net/PasswordAuthentication; bytecode method, this = 0xfffa4b48
18:27:50.173 0x16d2a00 mt.6 < java/net/Authenticator.requestPasswordAuthenticationInstance(Ljava/lang/String;Ljava/net/InetAddress;ILjava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/net/URL;Ljava/net/Authenticator$RequestorType;)Ljava/net/PasswordAuthentication; bytecode method
18:27:50.173 0x16d2a00 mt.0 > javax/security/auth/callback/PasswordCallback.setPassword([C)V bytecode method, this = 0xffe61350
How does the valid password get set?
It is set by:
Set password to [C@2ec703de
at javax.security.auth.callback.PasswordCallback.setPassword(PasswordCallback.java:111)
at HttpNegotiateServer$1.handle(HttpNegotiateServer.java:333)
at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:892)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:737)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:592)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:726)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:665)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:663)
at java.security.AccessController.doPrivileged(AccessController.java:732)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:663)
at javax.security.auth.login.LoginContext.login(LoginContext.java:574)
at HttpNegotiateServer.test8077155(HttpNegotiateServer.java:368)
at HttpNegotiateServer.main(HttpNegotiateServer.java:237)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java:-2)
at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:566)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
at java.lang.Thread.run(Thread.java:825)
Basically where does OpenJ9 start to differ in the code being run from what the RI is doing?
Still trying to figure it out.
hangshao0
on 26 Sep 2018
The null PasswordAuthentication instance is from HttpNegotiateServer.java:
static class KnowNothingAuthenticator extends java.net.Authenticator {
public PasswordAuthentication getPasswordAuthentication () {
HttpNegotiateServer.count++;
return null;
}
}
hangshao0
on 26 Sep 2018
I'm guessing the problem is in the following area, my assumption being that it should find the existing ticket from the original login, but doesn't.
/**
* Retrieves the ticket corresponding to the client/server principal
* pair from the Subject in the specified AccessControlContext.
* If the ticket can not be found in the Subject, and if
* useSubjectCredsOnly is false, then obtain ticket from
* a LoginContext.
*/
static KerberosTicket getTicket(GSSCaller caller,
static KerberosTicket getTicket(GSSCaller caller,
String clientPrincipal, String serverPrincipal,
AccessControlContext acc) throws LoginException {
// Try to get ticket from acc's Subject
Subject accSubj = Subject.getSubject(acc);
Subject.getSubject(acc) returns null on OpenJ9, it returns a valid subject on RI
hangshao0
on 26 Sep 2018
OpenJ9 and RI starts to differ from here in Subject.getSubject():
DomainCombiner dc = acc.getDomainCombiner();
if (!(dc instanceof SubjectDomainCombiner)) {
return null; <------------------ OpenJ9 returns from here
}
SubjectDomainCombiner sdc = (SubjectDomainCombiner)dc;
return sdc.getSubject(); <------------------ RI returns from here
hangshao0
on 26 Sep 2018
The parameter acc passed to Subject.getSubject(acc) is originally from AccessController.getContext(). OpenJ9 has its own implementation of AccessController.java and AccessControlContext.java, which is likely the root cause of this failure.
hangshao0
on 26 Sep 2018
👍1
@JasonFengJ9 please help determine why the DomainCombiner is being lost.
pshipton
on 27 Sep 2018
The problem is during enumerating AccessControlContext and ProtectionDomain objects when limited privilege has been specified in current thread access context within j.s.AccessController.getContextHelper().
In this failed testcase, there are two frames of access control objects returned from AccessController.getAccSnapshot(), first frame contains an AccessControlContext object with null domainCombiner, and the second frame contains another AccessControlContext object with SubjectDomainCombiner.
Current algorithm returns first frame AccessControlContext object with next frame AccessControlContext as AccessControlContext.nextStackAcc hence SubjectDomainCombiner doesn't present at returning AccessControlContext.domainCombiner.
Adding following hack code snippet for the returning AccessControlContext object makes the test pass.
if (null != acc && null != acc.domainCombiner) {
accContext.domainCombiner = acc.domainCombiner;
}
This is not a proper fix but indeed shows where is the problem and the direction for actual fix.
JasonFengJ9
on 27 Sep 2018
👍2
This test fails in same way on OpenJDK8+OpenJ9 ...
#Test Results (version 2)
#Thu Sep 27 11:42:55 BST 2018
#-----testdescription-----
$file=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
$root=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test
keywords=bug6578647 bug6829283 othervm
run=USER_SPECIFIED main/othervm -Dsun.net.spi.nameservice.provider.1\=ns,mock HttpNegotiateServer\n
source=HttpNegotiateServer.java
title=HTTP/Negotiate\: Authenticator triggered again when user cancels the first one
#-----environment-----
#-----testresult-----
description=file\:/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
elapsed=5726 0\:00\:05.726
end=Thu Sep 27 11\:42\:55 BST 2018
environment=regtest
execStatus=Failed. Execution failed\: `main' threw exception\: java.lang.RuntimeException\: Test error
harnessLoaderMode=Classpath Loader
harnessVariety=Full Bundle
hostname=bendev.hursley.ibm.com
javatestOS=Linux 4.4.0-64-generic (amd64)
javatestVersion=5.0
jtregVersion=jtreg 4.2 dev 398
script=com.sun.javatest.regtest.exec.RegressionScript
sections=script_messages build compile main
start=Thu Sep 27 11\:42\:49 BST 2018
test=sun/security/krb5/auto/HttpNegotiateServer.java
testJDK=/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13
totalTime=5734
user.name=walshbp
work=/home/walshbp/jtreg_testing/JTwork/sun/security/krb5/auto
#section:script_messages
----------messages:(7/357)----------
JDK under test: /home/walshbp/openjdk8-openj9-binary/jdk8u181-b13
openjdk version "1.8.0_181"
OpenJDK Runtime Environment (build 1.8.0_181-b13)
Eclipse OpenJ9 VM (build openj9-0.9.0, JRE 1.8.0 Linux amd64-64-Bit Compressed References 20180813_291 (JIT enabled, AOT enabled)
OpenJ9 - 24e53631
OMR - fad6bf6e
JCL - a05586ac based on jdk8u181-b13)
#section:build
----------messages:(5/151)----------
command: build HttpNegotiateServer
reason: Named class compiled on demand
Test directory:
compile: HttpNegotiateServer
elapsed time (seconds): 2.637
result: Passed. Build successful
#section:compile
----------messages:(4/241)----------
command: compile -XDignore.symbol.file=true /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
reason: .class file out of date or does not exist
Mode: othervm
elapsed time (seconds): 2.619
----------configuration:(6/377)----------
javac compilation environment
source path: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto
class path: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto
/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto
/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13/lib/tools.jar
----------rerun:(24/1614)*----------
cd /home/walshbp/jtreg_testing/JTwork/scratch && \\
DISPLAY=:1 \\
GNOME_DESKTOP_SESSION_ID=this-is-deprecated \\
HOME=/home/walshbp \\
LANG=en_GB.UTF-8 \\
PATH=/bin:/usr/bin \\
XMODIFIERS=@im=ibus \\
/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13/bin/javac \\
-J-XX:HeapDumpPath=/tmp \\
-J-Dtest.src=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-J-Dtest.src.path=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-J-Dtest.classes=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-J-Dtest.class.path=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-J-Dtest.vm.opts=-XX:HeapDumpPath=/tmp \\
-J-Dtest.tool.vm.opts=-J-XX:HeapDumpPath=/tmp \\
-J-Dtest.compiler.opts= \\
-J-Dtest.java.opts= \\
-J-Dtest.jdk=/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13 \\
-J-Dcompile.jdk=/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13 \\
-J-Dtest.timeout.factor=1.0 \\
-d /home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-sourcepath /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-classpath /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto:/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto:/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13/lib/tools.jar \\
-XDignore.symbol.file=true /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
----------System.out:(0/0)----------
----------System.err:(4/363)----------
Note: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java uses or overrides a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
Note: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
result: Passed. Compilation successful
#section:main
----------messages:(4/257)----------
command: main -Dsun.net.spi.nameservice.provider.1=ns,mock HttpNegotiateServer
reason: User specified action: run main/othervm -Dsun.net.spi.nameservice.provider.1=ns,mock HttpNegotiateServer
Mode: othervm [/othervm specified]
elapsed time (seconds): 2.93
----------configuration:(0/0)----------
----------System.out:(76/3890)----------
Start KDC on 14648
Start KDC on 10188
-----------------------------------------------
>>>>> UDP packet received
WEB.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
KrbException: Additional pre-authentication required (25)
at KDC.processAsReq(KDC.java:1061)
at KDC.processMessage(KDC.java:630)
at KDC$1.run(KDC.java:1229)
Error 25 Additional pre-authentication required
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
WEB.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
Return [email protected] ticket for krbtgt/[email protected], flags INITIAL;PRE-AUTHENT
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
WEB.DOMAIN> null sends TGS-REQ for HTTP/[email protected], KDCOptions:
WEB.DOMAIN> presenting a ticket of [email protected] to krbtgt/[email protected]
Return [email protected] ticket for HTTP/[email protected], flags INITIAL
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
KrbException: Additional pre-authentication required (25)
at KDC.processAsReq(KDC.java:1061)
at KDC.processMessage(KDC.java:630)
at KDC$1.run(KDC.java:1229)
Error 25 Additional pre-authentication required
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
Return [email protected] ticket for krbtgt/[email protected], flags INITIAL;PRE-AUTHENT
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> null sends TGS-REQ for HTTP/[email protected], KDCOptions:
PROXY.DOMAIN> presenting a ticket of [email protected] to krbtgt/[email protected]
Return [email protected] ticket for HTTP/[email protected], flags INITIAL
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
KrbException: Additional pre-authentication required (25)
at KDC.processAsReq(KDC.java:1061)
at KDC.processMessage(KDC.java:630)
at KDC$1.run(KDC.java:1229)
Error 25 Additional pre-authentication required
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
Return [email protected] ticket for krbtgt/[email protected], flags INITIAL;PRE-AUTHENT
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
PROXY.DOMAIN> null sends TGS-REQ for HTTP/[email protected], KDCOptions:
PROXY.DOMAIN> presenting a ticket of [email protected] to krbtgt/[email protected]
Return [email protected] ticket for HTTP/[email protected], flags INITIAL
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
WEB.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
KrbException: Additional pre-authentication required (25)
at KDC.processAsReq(KDC.java:1061)
at KDC.processMessage(KDC.java:630)
at KDC$1.run(KDC.java:1229)
Error 25 Additional pre-authentication required
>>>>> UDP request honored
-----------------------------------------------
>>>>> UDP packet received
WEB.DOMAIN> [email protected] sends AS-REQ for krbtgt/[email protected], KDCOptions:
Return [email protected] ticket for krbtgt/[email protected], flags INITIAL;PRE-AUTHENT
>>>>> UDP request honored
----------System.err:(41/2547)----------
Creating GSSCredential
Creating GSSCredential
Expecting to succeed when executing with the the logged in subject.
java.lang.RuntimeException: java.io.IOException: Server returned HTTP response code: 401 for URL: http://host.web.domain:44088/a/b/c
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:286)
at HttpNegotiateServer$3.run(HttpNegotiateServer.java:361)
at java.security.AccessController.doPrivileged(AccessController.java:732)
at javax.security.auth.Subject.doAs(Subject.java:422)
at HttpNegotiateServer.test8077155(HttpNegotiateServer.java:369)
at HttpNegotiateServer.main(HttpNegotiateServer.java:220)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:115)
at java.lang.Thread.run(Thread.java:813)
Caused by: java.io.IOException: Server returned HTTP response code: 401 for URL: http://host.web.domain:44088/a/b/c
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1894)
at sun.net.www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:91)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1484)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1482)
at java.security.AccessController.doPrivileged(AccessController.java:904)
at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:946)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1481)
at HttpNegotiateServer.testConnect(HttpNegotiateServer.java:277)
... 11 more
java.lang.RuntimeException: Test error
at HttpNegotiateServer.main(HttpNegotiateServer.java:227)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:115)
at java.lang.Thread.run(Thread.java:813)
JavaTest Message: Test threw exception: java.lang.RuntimeException: Test error
JavaTest Message: shutting down test
STATUS:Failed.`main' threw exception: java.lang.RuntimeException: Test error
----------rerun:(23/1530)*----------
cd /home/walshbp/jtreg_testing/JTwork/scratch && \\
DISPLAY=:1 \\
GNOME_DESKTOP_SESSION_ID=this-is-deprecated \\
HOME=/home/walshbp \\
LANG=en_GB.UTF-8 \\
PATH=/bin:/usr/bin \\
XMODIFIERS=@im=ibus \\
CLASSPATH=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto:/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto:/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13/lib/tools.jar:/home/walshbp/jtreg/lib/javatest.jar:/home/walshbp/jtreg/lib/jtreg.jar \\
/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13/bin/java \\
-Dtest.src=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-Dtest.src.path=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-Dtest.classes=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-Dtest.class.path=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-Dtest.vm.opts=-XX:HeapDumpPath=/tmp \\
-Dtest.tool.vm.opts=-J-XX:HeapDumpPath=/tmp \\
-Dtest.compiler.opts= \\
-Dtest.java.opts= \\
-Dtest.jdk=/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13 \\
-Dcompile.jdk=/home/walshbp/openjdk8-openj9-binary/jdk8u181-b13 \\
-Dtest.timeout.factor=1.0 \\
-XX:HeapDumpPath=/tmp \\
-Dsun.net.spi.nameservice.provider.1=ns,mock \\
com.sun.javatest.regtest.agent.MainWrapper /home/walshbp/jtreg_testing/JTwork/sun/security/krb5/auto/HttpNegotiateServer.d/main.0.jta
result: Failed. Execution failed: `main' threw exception: java.lang.RuntimeException: Test error
test result: Failed. Execution failed: `main' threw exception: java.lang.RuntimeException: Test error
Fails to compile on latest IBM Java 8 SDK ...
#Test Results (version 2)
#Thu Sep 27 11:57:06 BST 2018
#-----testdescription-----
$file=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
$root=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test
keywords=bug6578647 bug6829283 othervm
run=USER_SPECIFIED main/othervm -Dsun.net.spi.nameservice.provider.1\=ns,mock HttpNegotiateServer\n
source=HttpNegotiateServer.java
title=HTTP/Negotiate\: Authenticator triggered again when user cancels the first one
#-----environment-----
#-----testresult-----
description=file\:/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
elapsed=2104 0\:00\:02.104
end=Thu Sep 27 11\:57\:06 BST 2018
environment=regtest
execStatus=Failed. Compilation failed\: Compilation failed
harnessLoaderMode=Classpath Loader
harnessVariety=Full Bundle
hostname=bendev.hursley.ibm.com
javatestOS=Linux 4.4.0-64-generic (amd64)
javatestVersion=5.0
jtregVersion=jtreg 4.2 dev 398
script=com.sun.javatest.regtest.exec.RegressionScript
sections=script_messages build compile
start=Thu Sep 27 11\:57\:04 BST 2018
test=sun/security/krb5/auto/HttpNegotiateServer.java
testJDK=/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80
totalTime=2110
user.name=walshbp
work=/home/walshbp/jtreg_testing/JTwork/sun/security/krb5/auto
#section:script_messages
----------messages:(8/401)----------
JDK under test: /home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 8.0.5.21 - pxa6480sr5fp21-20180830_01(SR5 FP21))
IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64-Bit Compressed References 20180829_395745 (JIT enabled, AOT enabled)
OpenJ9 - e82188c
OMR - eeaa30e
IBM - 98805ca)
JCL - 20180821_01 based on Oracle jdk8u181-b12
#section:build
----------messages:(5/150)----------
command: build HttpNegotiateServer
reason: Named class compiled on demand
Test directory:
compile: HttpNegotiateServer
elapsed time (seconds): 1.95
result: Failed. Compilation failed: Compilation failed
#section:compile
----------messages:(4/214)----------
command: compile /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
reason: .class file out of date or does not exist
Mode: othervm
elapsed time (seconds): 1.946
----------configuration:(6/378)----------
javac compilation environment
source path: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto
class path: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto
/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto
/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80/lib/tools.jar
----------rerun:(23/1580)*----------
cd /home/walshbp/jtreg_testing/JTwork/scratch && \\
DISPLAY=:1 \\
GNOME_DESKTOP_SESSION_ID=this-is-deprecated \\
HOME=/home/walshbp \\
LANG=en_GB.UTF-8 \\
PATH=/bin:/usr/bin \\
XMODIFIERS=@im=ibus \\
/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80/bin/javac \\
-J-XX:HeapDumpPath=/tmp \\
-J-Dtest.src=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-J-Dtest.src.path=/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-J-Dtest.classes=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-J-Dtest.class.path=/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-J-Dtest.vm.opts=-XX:HeapDumpPath=/tmp \\
-J-Dtest.tool.vm.opts=-J-XX:HeapDumpPath=/tmp \\
-J-Dtest.compiler.opts= \\
-J-Dtest.java.opts= \\
-J-Dtest.jdk=/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80 \\
-J-Dcompile.jdk=/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80 \\
-J-Dtest.timeout.factor=1.0 \\
-d /home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto \\
-sourcepath /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto \\
-classpath /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto:/home/walshbp/jtreg_testing/JTwork/classes/sun/security/krb5/auto:/home/walshbp/ibm-java-8-binary/ibm-java-x86_64-80/lib/tools.jar /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
----------System.out:(0/0)----------
----------System.err:(485/26193)----------
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:38: error: package com.sun.security.auth.module does not exist
import com.sun.security.auth.module.Krb5LoginModule;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:68: error: package sun.security.jgss does not exist
import sun.security.jgss.GSSUtil;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:69: error: package sun.security.krb5 does not exist
import sun.security.krb5.Config;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:36: error: package sun.security.krb5 does not exist
import sun.security.krb5.*;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:37: error: package sun.security.krb5.internal does not exist
import sun.security.krb5.internal.*;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:38: error: package sun.security.krb5.internal.ccache does not exist
import sun.security.krb5.internal.ccache.CredentialsCache;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:39: error: package sun.security.krb5.internal.crypto does not exist
import sun.security.krb5.internal.crypto.KeyUsage;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:40: error: package sun.security.krb5.internal.ktab does not exist
import sun.security.krb5.internal.ktab.KeyTab;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:41: error: cannot find symbol
import sun.security.util.DerInputStream;
^
symbol: class DerInputStream
location: package sun.security.util
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:42: error: cannot find symbol
import sun.security.util.DerOutputStream;
^
symbol: class DerOutputStream
location: package sun.security.util
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:43: error: cannot find symbol
import sun.security.util.DerValue;
^
symbol: class DerValue
location: package sun.security.util
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:290: error: cannot find symbol
throws IOException, KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:320: error: cannot find symbol
throws IOException, KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:329: error: cannot find symbol
throws IOException, KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:338: error: cannot find symbol
public void writeKtab(String tab) throws IOException, KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:345: error: cannot find symbol
public void appendKtab(String tab) throws IOException, KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:525: error: cannot find symbol
private static EncryptionKey generateRandomKey(int eType)
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:526: error: cannot find symbol
throws KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:549: error: cannot find symbol
private char[] getPassword(PrincipalName p, boolean server)
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:550: error: cannot find symbol
throws KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:569: error: cannot find symbol
protected String getSalt(PrincipalName p) {
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:598: error: cannot find symbol
private EncryptionKey keyForUser(PrincipalName p, int etype, boolean server)
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:598: error: cannot find symbol
private EncryptionKey keyForUser(PrincipalName p, int etype, boolean server)
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:599: error: cannot find symbol
throws KrbException {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1457: error: cannot find symbol
private static final Constructor<EncryptedData> ctorEncryptedData;
^
symbol: class EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1481: error: cannot find symbol
private EncryptedData newEncryptedData(DerValue der) {
^
symbol: class DerValue
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1481: error: cannot find symbol
private EncryptedData newEncryptedData(DerValue der) {
^
symbol: class EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1488: error: cannot find symbol
private static PAData[] KDCReqDotPAData(KDCReq req) {
^
symbol: class KDCReq
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1488: error: cannot find symbol
private static PAData[] KDCReqDotPAData(KDCReq req) {
^
symbol: class PAData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1495: error: cannot find symbol
private static int[] KDCReqBodyDotEType(KDCReqBody body) {
^
symbol: class KDCReqBody
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1503: error: cannot find symbol
byte[] s2kparams, int keyType) throws KrbCryptoException {
^
symbol: class KrbCryptoException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1513: error: cannot find symbol
private static Ticket KDCReqBodyDotFirstAdditionalTicket(KDCReqBody body) {
^
symbol: class KDCReqBody
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:1513: error: cannot find symbol
private static Ticket KDCReqBodyDotFirstAdditionalTicket(KDCReqBody body) {
^
symbol: class Ticket
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:181: error: cannot find symbol
Config.refresh();
^
symbol: variable Config
location: class HttpNegotiateServer
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/OneKDC.java:32: error: package sun.security.krb5 does not exist
import sun.security.krb5.Config;
^
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:431: error: cannot find symbol
Krb5LoginModule krb5 = new Krb5LoginModule();
^
symbol: class Krb5LoginModule
location: class MyServerAuthenticator
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:431: error: cannot find symbol
Krb5LoginModule krb5 = new Krb5LoginModule();
^
symbol: class Krb5LoginModule
location: class MyServerAuthenticator
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:452: error: cannot find symbol
GSSUtil.GSS_SPNEGO_MECH_OID:
^
symbol: variable GSSUtil
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java:453: error: cannot find symbol
GSSUtil.GSS_KRB5_MECH_OID,
^
symbol: variable GSSUtil
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:291: error: cannot find symbol
KeyTab ktab = append ? KeyTab.getInstance(tab) : KeyTab.create(tab);
^
symbol: class KeyTab
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:291: error: cannot find symbol
KeyTab ktab = append ? KeyTab.getInstance(tab) : KeyTab.create(tab);
^
symbol: variable KeyTab
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:291: error: cannot find symbol
KeyTab ktab = append ? KeyTab.getInstance(tab) : KeyTab.create(tab);
^
symbol: variable KeyTab
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:300: error: cannot find symbol
PrincipalName pn = new PrincipalName(name,
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:300: error: cannot find symbol
PrincipalName pn = new PrincipalName(name,
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:321: error: cannot find symbol
KeyTab.create(tab).save(); // Empty the old keytab
^
symbol: variable KeyTab
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:532: error: cannot find symbol
case EncryptedData.ETYPE_DES_CBC_MD5: algo = "DES"; break;
^
symbol: variable EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:533: error: cannot find symbol
case EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD: algo = "DESede"; break;
^
symbol: variable EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:534: error: cannot find symbol
case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96: algo = "AES128"; break;
^
symbol: variable EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:535: error: cannot find symbol
case EncryptedData.ETYPE_ARCFOUR_HMAC: algo = "ArcFourHMAC"; break;
^
symbol: variable EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:536: error: cannot find symbol
case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96: algo = "AES256"; break;
^
symbol: variable EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:539: error: cannot find symbol
return new EncryptionKey(pass, "NOTHING", algo); // Silly
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:557: error: cannot find symbol
throw new KrbException(server?
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:577: error: cannot find symbol
p = new PrincipalName(passwords.ceilingEntry(pn).getKey());
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:578: error: cannot find symbol
} catch (RealmException re) {
^
symbol: class RealmException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:612: error: cannot find symbol
return new EncryptionKey(EncryptionKeyDotStringToKey(
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:615: error: cannot find symbol
} catch (KrbException ke) {
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:629: error: cannot find symbol
if ((in[0] & 0x1f) == Krb5.KRB_AS_REQ)
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:642: error: cannot find symbol
TGSReq tgsReq = new TGSReq(in);
^
symbol: class TGSReq
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:642: error: cannot find symbol
TGSReq tgsReq = new TGSReq(in);
^
symbol: class TGSReq
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:643: error: cannot find symbol
PrincipalName service = tgsReq.reqBody.sname;
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:645: error: cannot find symbol
service = new PrincipalName((int)options.get(KDC.Option.RESP_NT),
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:652: error: cannot find symbol
KDCReqBody body = tgsReq.reqBody;
^
symbol: class KDCReqBody
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:657: error: cannot find symbol
PAData[] pas = KDCReqDotPAData(tgsReq);
^
symbol: class PAData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:659: error: cannot find symbol
Ticket tkt = null;
^
symbol: class Ticket
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:660: error: cannot find symbol
EncTicketPart etp = null;
^
symbol: class EncTicketPart
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:662: error: cannot find symbol
PrincipalName cname = null;
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:666: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:666: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:668: error: cannot find symbol
PrincipalName forUserCName = null;
^
symbol: class PrincipalName
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:669: error: cannot find symbol
for (PAData pa: pas) {
^
symbol: class PAData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:670: error: cannot find symbol
if (pa.getType() == Krb5.PA_TGS_REQ) {
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:671: error: cannot find symbol
APReq apReq = new APReq(pa.getValue());
^
symbol: class APReq
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:671: error: cannot find symbol
APReq apReq = new APReq(pa.getValue());
^
symbol: class APReq
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:672: error: cannot find symbol
EncryptedData ed = apReq.authenticator;
^
symbol: class EncryptedData
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:675: error: cannot find symbol
EncryptionKey kkey = keyForUser(tkt.sname, te, true);
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:676: error: cannot find symbol
byte[] bb = tkt.encPart.decrypt(kkey, KeyUsage.KU_TICKET);
^
symbol: variable KeyUsage
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:677: error: cannot find symbol
DerInputStream derIn = new DerInputStream(bb);
^
symbol: class DerInputStream
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:677: error: cannot find symbol
DerInputStream derIn = new DerInputStream(bb);
^
symbol: class DerInputStream
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:678: error: cannot find symbol
DerValue der = derIn.getDerValue();
^
symbol: class DerValue
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:679: error: cannot find symbol
etp = new EncTicketPart(der.toByteArray());
^
symbol: class EncTicketPart
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:685: error: cannot find symbol
} else if (pa.getType() == Krb5.PA_FOR_USER) {
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:687: error: cannot find symbol
PAForUserEnc p4u = new PAForUserEnc(
^
symbol: class PAForUserEnc
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:687: error: cannot find symbol
PAForUserEnc p4u = new PAForUserEnc(
^
symbol: class PAForUserEnc
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:688: error: cannot find symbol
new DerValue(pa.getValue()), null);
^
symbol: class DerValue
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:706: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:706: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_PADATA_TYPE_NOSUPP);
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:711: error: cannot find symbol
EncryptionKey ckey = etp.key;
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:714: error: cannot find symbol
EncryptionKey key = generateRandomKey(e2);
^
symbol: class EncryptionKey
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:717: error: cannot find symbol
KerberosTime till = body.till;
^
symbol: class KerberosTime
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:719: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
^
symbol: class KrbException
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:719: error: cannot find symbol
throw new KrbException(Krb5.KDC_ERR_NEVER_VALID); // TODO
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:721: error: cannot find symbol
till = new KerberosTime(new Date().getTime() + 1000 * 3600 * 11);
^
symbol: class KerberosTime
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:724: error: cannot find symbol
boolean[] bFlags = new boolean[Krb5.TKT_OPTS_MAX+1];
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:725: error: cannot find symbol
if (body.kdcOptions.get(KDCOptions.FORWARDABLE)
^
symbol: variable KDCOptions
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:732: error: cannot find symbol
bFlags[Krb5.TKT_OPTS_FORWARDABLE] = true;
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:735: error: cannot find symbol
if (body.kdcOptions.get(KDCOptions.FORWARDED) ||
^
symbol: variable KDCOptions
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:736: error: cannot find symbol
etp.flags.get(Krb5.TKT_OPTS_FORWARDED)) {
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:737: error: cannot find symbol
bFlags[Krb5.TKT_OPTS_FORWARDED] = true;
^
symbol: variable Krb5
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:739: error: cannot find symbol
if (body.kdcOptions.get(KDCOptions.RENEWABLE)) {
^
symbol: variable KDCOptions
location: class KDC
/home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java:740: error: cannot find symbol
bFlags[Krb5.TKT_OPTS_RENEWABLE] = true;
^
symbol: variable Krb5
location: class KDC
Note: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java uses or overrides a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
Note: /home/walshbp/jep_testing/openj9-openjdk-jdk8/jdk/test/sun/security/krb5/auto/KDC.java uses unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
100 errors
result: Failed. Compilation failed: Compilation failed
test result: Failed. Compilation failed: Compilation failed
When the "sub-test" test8077155 is removed from execution, the test passes against OpenJDK11+OpenJ9.
For clarity - test/jdk/sun/security/krb5/auto/HttpNegotiateServer.java was only run this time as a check for any regressions resulting from adding the TLS 1.3 support - it is not explicitly testing TLS 1.3 support.
Considering this and the other evidence above, I DO NOT consider that this issue should delay the OpenJDK11+OpenJ9 release any further.
ben-walsh
on 27 Sep 2018
I'll just note this issue in particular is not delaying the release, there are other issues in the release plan https://github.com/eclipse/openj9/milestone/3
pshipton
on 27 Sep 2018
Was this page helpful?
0 / 5 - 0 ratings
Related issues
VermaSh
路
3Comments
ciplogic
路
3Comments
mikezhang1234567890
路
5Comments
xliang6
路
6Comments
pshipton
路
3Comments
Most helpful comment
The problem is during enumerating
AccessControlContextandProtectionDomainobjects when limited privilege has been specified in current thread access context withinj.s.AccessController.getContextHelper().In this failed testcase, there are two frames of access control objects returned from
AccessController.getAccSnapshot(), first frame contains anAccessControlContextobject withnull domainCombiner, and the second frame contains anotherAccessControlContextobject withSubjectDomainCombiner.Current algorithm returns first frame
AccessControlContextobject with next frameAccessControlContextasAccessControlContext.nextStackAcchenceSubjectDomainCombinerdoesn't present at returningAccessControlContext.domainCombiner.Adding following hack code snippet for the returning
AccessControlContextobject makes the test pass.This is not a proper fix but indeed shows where is the problem and the direction for actual fix.