[9] RFR: 8075007: Additional tests for krb5-related cipher suites with unbound server

Weijun Wang weijun.wang at oracle.com
Thu Apr 23 08:18:45 UTC 2015

One question:

As for the 3 boolean flags you added to KDC.java (BTW, maybe 
"consumer"?), is it possible to wait for them to be true right at the 
end of the startServer() method? I believe all the current tests can 
actually benefit from this.


On 4/23/2015 2:30 PM, Artem Smotrakov wrote:
> Hi Max,
> On 04/22/2015 05:51 PM, Weijun Wang wrote:
>> Hi Artem
>> These are splendid tests. So do they just all pass? :-)
> Yes, fortunately they do :)
>> One question, does the policy file make any difference in
>> UnboundSSLMultipleKeys.java and UnboundSSLPrincipalProperty.java?
> No, these two don't requite the policy file. But they still need to be
> run in othervm mode since they use system properties. I updated these
> two tests not to use the policy file
> http://cr.openjdk.java.net/~asmotrak/8075007/webrev.01/
> Artem
>> Thanks
>> Max
>> On 4/21/2015 10:41 PM, Artem Smotrakov wrote:
>>> Hello,
>>> Please review a couple of new tests for krb5 cipher suites with unbound
>>> server:
>>> - tests check if an unbound server can handle connections only for
>>> allowed service principals
>>> - tests check if an unbound server picks up a correct key from keytab
>>> - tests check if an unbound server uses a service principal from
>>> "sun.security.krb5.principal" system property if specified
>>> I also added a helper method to KDC.java to check that a KDC instance is
>>> up.
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8075007
>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8075007/webrev.00/
>>> Artem

More information about the security-dev mailing list