Review Request for 7026255 : Methods of Subject that throw SecurityException do not specify what permissions are required
Xuelei Fan
xuelei.fan at oracle.com
Sat Aug 16 01:57:41 UTC 2014
Looks fine to me.
Thanks,
Xuelei
On 8/16/2014 2:52 AM, Sean Mullan wrote:
> On 08/14/2014 10:49 AM, Xuelei Fan wrote:
>> I meant to pointed out the modification permissions as well. As update
>> to the returned value needs the related permissions as the following
>> line talked about:
>>
>> 149 * <p> To modify the Principals Set, the caller must have
>> 150 * {@code AuthPermission("modifyPrincipals")}.
>> 151 * To modify the public credential Set, the caller must have
>> 152 * {@code AuthPermission("modifyPublicCredentials")}.
>> 153 * To modify the private credential Set, the caller must have
>> 154 * {@code AuthPermission("modifyPrivateCredentials")}.
>
> Yes, I understand the comment now. I have fixed it, but I had to adjust
> the wording a bit. getPrivateCredentials() now says:
>
> * <p> If a security manager is installed, the caller must have a
> * {@link AuthPermission#AuthPermission(String)
> * AuthPermission("modifyPrivateCredentials")} permission to modify
> * the returned set, or a {@code SecurityException} will be thrown.
> *
> * <p> While iterating through the {@code Set},
> * a {@code SecurityException} is thrown if a security manager is
> installed
> * and the caller does not have a {@link PrivateCredentialPermission}
> * to access a particular Credential. The {@code Iterator}
> * is nevertheless advanced to the next element in the {@code Set}.
>
> I also added a similar paragraph as the first above to the
> getPublicCredentials() and getPrincipals() methods.
>
> Updated webrev:
> http://cr.openjdk.java.net/~mullan/webrevs/7026255/webrev.02/
>
> --Sean
More information about the security-dev
mailing list