Bug ID: JDK-8051959 Add thread and timestamp options to java.security.debug system property

Type: Enhancement
Component: security-libs
Sub-Component: java.security

Priority: P4
Status: Resolved
Resolution: Fixed
OS: generic
CPU: generic

Submitted: 2014-07-25
Updated: 2024-11-04
Resolved: 2024-04-02

JDK 11	JDK 17	JDK 21	JDK 23
11.0.26-oracleFixed	17.0.13-oracleFixed	21.0.5-oracleFixed	23 b17Fixed

The task of tracing the culprits of sharing native pkcs11 objects through core dumps is often time consuming. It is easier to have debug traces to print which threads are accessing each pkcs11 session and if necessary, print the stack traces.

This is a proposal to improve the java.security.debug output so that options exist to add thread ID, thread name, source of log record and a timestamp information to the output.

[jdk17u-fix-request] Approval Request from Martin Should get backported for parity with 17.0.13-oracle. The backport has been reviewed and tier 1-4 have passed.
25-06-2024
[jdk21u-fix-request] Approval Request from Martin Should get backported for parity with 21.0.5-oracle. The backport has been reviewed and tier 1-4 have passed.
25-06-2024
A pull request was submitted for review. URL: https://git.openjdk.org/jdk17u-dev/pull/2631 Date: 2024-06-24 10:47:05 +0000
24-06-2024
[~coffeys] Thanks for taking care of the CSR.
22-06-2024
[~mdoerr] the CSR fixVersion field was updated.
21-06-2024
[~mdoerr] you should be ok to edit the CSR fixVersion itself ? Let me check in with CSR team on what the process is here first though (i.e. not optimal to edit details of a CSR already approved) - will update you as soon as I've an answer.
20-06-2024
A pull request was submitted for review. URL: https://git.openjdk.org/jdk21u-dev/pull/761 Date: 2024-06-19 11:53:29 +0000
19-06-2024
[~coffeys] Can you open up the CSR for JDK 21 and 17, please? We need it for the OpenJDK, too.
19-06-2024
Changeset: 3b582dff Author: Sean Coffey <coffeys@openjdk.org> Date: 2024-04-02 08:51:13 +0000 URL: https://git.openjdk.org/jdk/commit/3b582dff849f1c25336e2efc415eb121f8b12189
02-04-2024
[~coffeys] Can you remove sparc and solaris from the CPU and OS fields as this RFE is useful for all platforms?
26-03-2024
A pull request was submitted for review. URL: https://git.openjdk.org/jdk/pull/18084 Date: 2024-03-01 15:13:49 +0000
01-03-2024
This could be regarded as an supportability issue for all code using the java.security.debug system property. Perhaps we can introduce an option where the thread details are printed if requested. The SSL logger already prints thread details per line. The thread info could be turned on per debug option. e.g. "-Djava.security.debug=jar+threadInfo,certpath" would yield extra information about the thread ID and thread name per "jar" component println's but not for the certpath debug component println statements. sample output: jar[10:main]: processSignature signed name = first.txt jar[10:main]: done with meta! jar[10:main]: beginEntry first.txt jar[10:main]: Manifest Entry: first.txt digest=SHA-384 jar[10:main]: manifest 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b jar[10:main]: computed 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b jar[10:main]: jar[10:main]: beginEntry META-INF/alias.sf jar[10:main]: beginEntry META-INF/alias.rsa jar[10:main]: beginEntry META-INF/manifest.mf
05-01-2024

CSR :	JDK-8327569 - Add thread and timestamp options to java.security.debug system property
Relates :	JDK-8247961 - java.security.debug may raise ClassCircularityError

JDK-8331053 :	Release Note: Thread and Timestamp Options for java.security.debug System Property - Resolved
JDK-8339100 :	Release Note: Thread and Timestamp Options for java.security.debug System Property - Resolved
JDK-8339101 :	Release Note: Thread and Timestamp Options for java.security.debug System Property - Resolved