Debugging in-built java apis

I am using the java.security package to verify some digital signatures. Basically I am calling the verify me开发者_开发知识库thod of the Signature class. I want to understand the internal logic of the verify method. Therefore I have extracted the Signature.class from the rt.jar, decompiled it and then put it in proper package structure in my eclipse project. However, it is not compiling and complaining about "cannot resolve" errors. I am fixing them one by one by decompiling other inbuilt java classes but this seems to be endless. Is this the correct approach to debug in-built java api's or is there some other recommended approach ?

You can attach the JDK sources in Eclipse: There should be a src.jar in your JDK installation. That way you can conveniently browse and debug them. Does not include some of the javax and com.sun classes, but it is a start.

Re-compiling and replacing JDK classes is very difficult.

Did you see the java.security.debug flag?

... if you wish to monitor security access, you can set the java.security.debug System property. To see a list of all debugging options, use the help setting, the all setting allows you to see everything:

java -Djava.security.debug=help foo

all       turn on all debugging

access    print all checkPermission results
jar       jar verification
policy    loading and granting
scl       permissions SecureClassLoader assigns

The following can be used with access:

stack     include stack trace
domain    dumps all domains in context
failure   before throwing exception, dump stack
          and domain that didn't have permission

Is this the correct approach to debug in-built java api's or is there some other recommended approach ?

I'd added source of the API using attach source into the eclipse and use the default debugger to debug the app