Date: Mon, 22 Oct 2007 22:18:34 -0700 From: Greg Lewis <glewis@eyesbeyond.com> To: Nick Johnson <freebsd@spatula.net> Cc: freebsd-java@freebsd.org Subject: Re: FreeBSD jdk15 does not read java.security? Message-ID: <20071023051834.GA25983@misty.eyesbeyond.com> In-Reply-To: <20071022222034.A25435@turing> References: <20071022222034.A25435@turing>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 22, 2007 at 10:53:00PM -0700, Nick Johnson wrote:
> While still trying to investigate this InetAddress negative caching
> problem I have, I found something a bit puzzling... If I could get someone
> else to verify, that would be great.
>
> It looks like the 1.5.0_12-p6 JDK never reads java.security when it starts
> up. Consequently the netaddress.cache.ttl and
> netaddress.cache.negative.ttl properties are never read and initialized,
> so the cache reverts to its defaults of caching forever... or at least
> that's my hypothesis.
>
> I wrote a tiny Java program that does nothing other than resolve a
> hostname and ran it using truss. Though the JVM does open a number of
> other configuration files, java.security is not one of them. My old copy
> of 1.4.2 also does not open java.security.
>
> It's conceivable that truss is somehow missing the system call to read
> java.security, but it does seem to be catching lots of other open
> and stat calls.
>
> On Linux, strace shows the java.security open call happens just before the
> name resolution would happen. On Windows, filemon shows it happens just
> after classes.jsa is read.
>
> Can someone verify that the following program when run with the FreeBSD
> 1.5 JDK results in no open calls for java.security?
>
> Tiny test program follows. Save it as Test.java, compile with javac
> Test.java and run it with "truss -o truss.out java -f Test", then you can
> grep truss.out for open system calls.
>
> import java.net.*;
>
> public class Test {
> public static void main(String[] args) throws Exception {
> InetAddress address = InetAddress.getByName("freebsd.org");
> System.out.println(address);
> }
> }
So, what do you see if you run java with -Djava.security.debug=properties?
Here is an example of what I see:
> /usr/local/jdk1.5.0/bin/java -Djava.security.debug=properties SocketTest
properties: reading security properties file: /usr/local/jdk1.5.0/jre/lib/security/java.security
That leads me to believe that at least on my system java.security is being
read. To see what I'm looking for, take a look at
j2se/src/share/classes/java/security/Security.java
Do you get the message above, nothing, or a stack trace?
--
Greg Lewis Email : glewis@eyesbeyond.com
Eyes Beyond Web : http://www.eyesbeyond.com
Information Technology FreeBSD : glewis@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071023051834.GA25983>