JDK-8020390 : LSP: LocalSecurityPolicy is initialized too soon
  • Type: Bug
  • Component: deploy
  • Affected Version: 7u40
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2013-07-11
  • Updated: 2014-08-23
  • Resolved: 2013-07-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8
7u40 b34Fixed 8Fixed
Related Reports
Duplicate :  
Duplicate :  
Description
The initialization of LSP occurs too soon in both javaws and plugin causing lots of problems:
1.) it is initialized before proxies are initialized, so if it is valid policy jar with re vocation checking on, cannot use proxies to reach the OCSP.
2.) it is initialized before trace is initialized, so we cannot see Trace statements related to parsing lsp file.
3.) it is initialized in javaws when launch javaws for reasons other than running an app:
javaws -viewer, javaws -import, javaws - SSVBaselineUpdate, etc.
in all the above cases, revocation checking of a valid policy file may have to timeout before the operation can proceed.

Comments
Verified using 7u40-b42
2013-09-09

SQE-OK to get this issue fixed in 7u40.
2013-07-12

move the call to LocalSecurityPolicy.initialize to later in the init sequence.
2013-07-11