Review Request for 7026255 : Methods of Subject that throw SecurityException do not specify what permissions are required
Xuelei Fan
xuelei.fan at oracle.com
Thu Aug 14 14:49:17 UTC 2014
On 8/13/2014 10:24 PM, Sean Mullan wrote:
>> 656 * is thrown if the caller does not have the proper permissions.
>> Do we want to point out the actual modify permissions?
>
> This is pointed out in the following paragraph:
>
> * <p> While iterating through the {@code Set},
> * a {@code SecurityException} is thrown
> * if the caller does not have a {@link PrivateCredentialPermission}
> * to access a particular Credential. The {@code Iterator}
> * is nevertheless advanced to the next element in the {@code Set}.
I meant to pointed out the modification permissions as well. As update
to the returned value needs the related permissions as the following
line talked about:
149 * <p> To modify the Principals Set, the caller must have
150 * {@code AuthPermission("modifyPrincipals")}.
151 * To modify the public credential Set, the caller must have
152 * {@code AuthPermission("modifyPublicCredentials")}.
153 * To modify the private credential Set, the caller must have
154 * {@code AuthPermission("modifyPrivateCredentials")}.
Otherwise, looks fine to me.
Xuelei
More information about the security-dev
mailing list