< prev index next >
src/java.base/share/classes/java/security/Security.java
Print this page
@@ -28,10 +28,12 @@
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.io.*;
import java.net.URL;
+import jdk.internal.event.EventHelper;
+import jdk.internal.event.JdkSecurityPropertyModificationEvent;
import jdk.internal.misc.SharedSecrets;
import jdk.internal.util.StaticProperty;
import sun.security.util.Debug;
import sun.security.util.PropertyExpander;
@@ -793,10 +795,44 @@
*/
public static void setProperty(String key, String datum) {
check("setProperty."+key);
props.put(key, datum);
invalidateSMCache(key); /* See below. */
+
+ if (isJdkSecurityProperty(key)) {
+ JdkSecurityPropertyModificationEvent spe = new JdkSecurityPropertyModificationEvent();
+ // following is a no-op if event is disabled
+ spe.key = key;
+ spe.value = datum;
+ spe.commit();
+
+ if (EventHelper.isLoggingSecurity()) {
+ EventHelper.logJdkSecurityPropertyEvent(key, datum);
+ }
+ }
+ }
+
+ /*
+ * Helper method to identify security properties
+ * that should be specific to JDK usage.
+ */
+ private static boolean isJdkSecurityProperty(String key) {
+ return key.startsWith("com.sun.") ||
+ key.startsWith("crypto.policy") ||
+ key.startsWith("jceks.key.serialFilter") ||
+ key.startsWith("jdk.") ||
+ key.startsWith("keystore.type") ||
+ key.startsWith("krb5.kdc.bad.policy") ||
+ key.startsWith("login.config") ||
+ key.startsWith("networkaddress.cache.") ||
+ key.startsWith("ocsp.") ||
+ key.startsWith("package.") ||
+ key.startsWith("policy.") ||
+ key.startsWith("securerandom.") ||
+ key.startsWith("security.") ||
+ key.startsWith("ssl.") ||
+ key.startsWith("sun.rmi.");
}
/*
* Implementation detail: If the property we just set in
* setProperty() was either "package.access" or
< prev index next >