Date: Mon, 22 Oct 2007 22:18:34 -0700 From: Greg Lewis <glewis@eyesbeyond.com> To: Nick Johnson <freebsd@spatula.net> Cc: freebsd-java@freebsd.org Subject: Re: FreeBSD jdk15 does not read java.security? Message-ID: <20071023051834.GA25983@misty.eyesbeyond.com> In-Reply-To: <20071022222034.A25435@turing> References: <20071022222034.A25435@turing>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 22, 2007 at 10:53:00PM -0700, Nick Johnson wrote: > While still trying to investigate this InetAddress negative caching > problem I have, I found something a bit puzzling... If I could get someone > else to verify, that would be great. > > It looks like the 1.5.0_12-p6 JDK never reads java.security when it starts > up. Consequently the netaddress.cache.ttl and > netaddress.cache.negative.ttl properties are never read and initialized, > so the cache reverts to its defaults of caching forever... or at least > that's my hypothesis. > > I wrote a tiny Java program that does nothing other than resolve a > hostname and ran it using truss. Though the JVM does open a number of > other configuration files, java.security is not one of them. My old copy > of 1.4.2 also does not open java.security. > > It's conceivable that truss is somehow missing the system call to read > java.security, but it does seem to be catching lots of other open > and stat calls. > > On Linux, strace shows the java.security open call happens just before the > name resolution would happen. On Windows, filemon shows it happens just > after classes.jsa is read. > > Can someone verify that the following program when run with the FreeBSD > 1.5 JDK results in no open calls for java.security? > > Tiny test program follows. Save it as Test.java, compile with javac > Test.java and run it with "truss -o truss.out java -f Test", then you can > grep truss.out for open system calls. > > import java.net.*; > > public class Test { > public static void main(String[] args) throws Exception { > InetAddress address = InetAddress.getByName("freebsd.org"); > System.out.println(address); > } > } So, what do you see if you run java with -Djava.security.debug=properties? Here is an example of what I see: > /usr/local/jdk1.5.0/bin/java -Djava.security.debug=properties SocketTest properties: reading security properties file: /usr/local/jdk1.5.0/jre/lib/security/java.security That leads me to believe that at least on my system java.security is being read. To see what I'm looking for, take a look at j2se/src/share/classes/java/security/Security.java Do you get the message above, nothing, or a stack trace? -- Greg Lewis Email : glewis@eyesbeyond.com Eyes Beyond Web : http://www.eyesbeyond.com Information Technology FreeBSD : glewis@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071023051834.GA25983>