Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8022931: Enhance Kerberos exceptions
authorweijun
Wed, 14 Aug 2013 15:25:16 +0800
changeset 20844 3f51de06462f
parent 20843 d20dafe74d79
child 20845 35f65a2db142
8022931: Enhance Kerberos exceptions Reviewed-by: xuelei, ahgross
jdk/src/share/classes/javax/security/auth/kerberos/KeyTab.java file | annotate | diff | comparison | revisions 
--- a/jdk/src/share/classes/javax/security/auth/kerberos/KeyTab.java	Thu Aug 15 21:44:35 2013 +0100
+++ b/jdk/src/share/classes/javax/security/auth/kerberos/KeyTab.java	Wed Aug 14 15:25:16 2013 +0800
@@ -26,6 +26,7 @@
 package javax.security.auth.kerberos;
 
 import java.io.File;
+import java.security.AccessControlException;
 import java.util.Objects;
 import sun.security.krb5.EncryptionKey;
 import sun.security.krb5.KerberosSecrets;
@@ -214,9 +215,22 @@
         return new KeyTab(princ, null, true);
     }
 
-    //Takes a snapshot of the keytab content
+    // Takes a snapshot of the keytab content. This method is called by
+    // JavaxSecurityAuthKerberosAccessImpl so no more private
     sun.security.krb5.internal.ktab.KeyTab takeSnapshot() {
-        return sun.security.krb5.internal.ktab.KeyTab.getInstance(file);
+        try {
+            return sun.security.krb5.internal.ktab.KeyTab.getInstance(file);
+        } catch (AccessControlException ace) {
+            if (file != null) {
+                // It's OK to show the name if caller specified it
+                throw ace;
+            } else {
+                AccessControlException ace2 = new AccessControlException(
+                        "Access to default keytab denied (modified exception)");
+                ace2.setStackTrace(ace.getStackTrace());
+                throw ace2;
+            }
+        }
     }
 
     /**
jdk-sandbox