[8] Code Review Request for 7019834: Eliminate dependency from PolicyFile to com.sun.security.auth.PrincipalComparator
Sean Mullan
sean.mullan at oracle.com
Tue Jan 8 10:49:33 PST 2013
On 01/05/2013 04:36 AM, Alan Bateman wrote:
> On 28/12/2012 17:39, Sean Mullan wrote:
>> As part of the effort to prepare the platform for modules (see
>> http://openjdk.java.net/jeps/162) we need to remove or deprecate
>> undesirable dependencies. One of these is the dependency:
>>
>> sun.security.provider.PolicyFile ->
>> com.sun.security.auth.PrincipalComparator
>>
>> which is problematic since the com.sun.security.auth package is not
>> intended to be part of the base module.
>>
>> The solution is to add an implies method to the
>> java.security.Principal interface. Existing PrincipalComparator
>> implementations must also implement Principal if they are to be used
>> by the default "JavaPolicy" Policy implementation. This change will
>> allow us to remove the dependency on the PrincipalComparator class and
>> preserve compatibility.
>>
>> Since java.security.Principal is an interface, this change requires
>> the new default method feature of lambda.
>>
>> webrev: http://cr.openjdk.java.net/~mullan/webrevs/7019834/webrev.00/
>>
>> Thanks,
>> Sean
> This looks very good to me and good to have this dependency issue
> finally resolved.
>
> Minor comment is that it might be better to use {@code Principal} rather
> than "principal" in the method description.
That seems to be a somewhat subjective style issue. Some APIs do that
while others don't (ex: java.util.Collection refers to itself as "this
collection"). Since the rest of the Principal API doesn't do this, I
left it as is for consistency.
> In PolicyFile it looks like there are 8 or so imports of permission
> classes commented out - should this be removed?
I've removed it (as well as the lines in getKnownInstance that were
commented out.
--Sean
More information about the security-dev
mailing list