I am using the java.security package to verify some digital signatures. Basically I am calling the verify me开发者_开发知识库thod of the Signature class. I want to understand the internal logic of the verify method. Therefore I have extracted the Signature.class from the rt.jar, decompiled it and then put it in proper package structure in my eclipse project. However, it is not compiling and complaining about "cannot resolve" errors. I am fixing them one by one by decompiling other inbuilt java classes but this seems to be endless. Is this the correct approach to debug in-built java api's or is there some other recommended approach ?
You can attach the JDK sources in Eclipse: There should be a src.jar in your JDK installation. That way you can conveniently browse and debug them. Does not include some of the javax and com.sun classes, but it is a start.
Re-compiling and replacing JDK classes is very difficult.
Did you see the java.security.debug flag?
... if you wish to monitor security access, you can set the java.security.debug System property. To see a list of all debugging options, use the help setting, the all setting allows you to see everything:
java -Djava.security.debug=help foo
all turn on all debugging
access print all checkPermission results
jar jar verification
policy loading and granting
scl permissions SecureClassLoader assigns
The following can be used with access:
stack include stack trace
domain dumps all domains in context
failure before throwing exception, dump stack
and domain that didn't have permission
Is this the correct approach to debug in-built java api's or is there some other recommended approach ?
I'd added source of the API using attach source into the eclipse and use the default debugger to debug the app
精彩评论