8008793: SecurityManager.checkXXX behavior not specified for methods that check AWTPermission and AWT not present
Dmitry Samersoff
dmitry.samersoff at oracle.com
Mon Feb 25 13:58:58 UTC 2013
On 2013-02-25 17:49, Alan Bateman wrote:
> On 25/02/2013 13:21, Dmitry Samersoff wrote:
>> Alan,
>>
>> Did you consider to explicitly throw security exception with the message
>> like "Permission couldn't be granted because of wrong profile" or
>> something like this.
>>
>> -Dmitry
> These checkXXX method should only be called from AWT or other client
> code that already its own dependency on AWT (in which case
> java.awt.AWTPermission will exist. So it's really a corner case for
> these methods to be invoked when AWT is not present so I don't think we
> have to do very much.
Yes, I see.
But IMHO,
if (.. = null)
throw new SecurtyException("Permission couldn't be granted");
doesn't complicate things, but would be a clean reminder to app
developers that theirs code is wrong and have to be fixed.
-Dmitry
--
Dmitry Samersoff
Oracle Java development team, Saint Petersburg, Russia
* Give Rabbit time, and he'll always get the answer
More information about the security-dev
mailing list