On Thu, 5 Sep 2024 20:20:28 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> I don't like the silent mode. If no one uses that key name, then everything >> is fine anyway. Otherwise, if someone really sets it, it's very likely they >> will want to read it somewhere and expect a non `null` value. >> >> Can we just support it as a real security property? i.e. if it appears in >> `java.security`, besides loading the content, we can also read it as a >> security property. And then we also allow it in `setProperty` and >> `getProperty`. I can see some behavior change: >> >> 1. If it's in `java.security` and not point to a real file, there will be an >> exception. >> 2. If it appears in an included file, the value will overwrite the previous >> one. >> >> For 1, I don't think you want to be silent about the missing file. For 2, we >> can ignore it as a security property, but this becomes a little complex. > > I'm ok with proceeding to integrate. @wangweij do you have any further > comments or concerns? > > If Weijun is ok with proceeding, you will need to finalize the CSR before you > can integrate. You also need to write a release note, unless I missed that. @seanjmullan I proposed the following release note: https://bugs.openjdk.org/browse/JDK-8339636 Let me know if you would like to suggest changes. Feel free to edit the proposal yourself if more convenient. ------------- PR Comment: https://git.openjdk.org/jdk/pull/16483#issuecomment-2332992336
