Review Request for 7026255 : Methods of Subject that throw SecurityException do not specify what permissions are required

Xuelei Fan xuelei.fan at oracle.com
Sat Aug 16 01:57:41 UTC 2014


Looks fine to me.

Thanks,
Xuelei

On 8/16/2014 2:52 AM, Sean Mullan wrote:
> On 08/14/2014 10:49 AM, Xuelei Fan wrote:
>> I meant to pointed out the modification permissions as well.  As update
>> to the returned value needs the related permissions as the following
>> line talked about:
>>
>>   149      * <p> To modify the Principals Set, the caller must have
>>   150      * {@code AuthPermission("modifyPrincipals")}.
>>   151      * To modify the public credential Set, the caller must have
>>   152      * {@code AuthPermission("modifyPublicCredentials")}.
>>   153      * To modify the private credential Set, the caller must have
>>   154      * {@code AuthPermission("modifyPrivateCredentials")}.
> 
> Yes, I understand the comment now. I have fixed it, but I had to adjust
> the wording a bit. getPrivateCredentials() now says:
> 
>      * <p> If a security manager is installed, the caller must have a
>      * {@link AuthPermission#AuthPermission(String)
>      * AuthPermission("modifyPrivateCredentials")} permission to modify
>      * the returned set, or a {@code SecurityException} will be thrown.
>      *
>      * <p> While iterating through the {@code Set},
>      * a {@code SecurityException} is thrown if a security manager is
> installed
>      * and the caller does not have a {@link PrivateCredentialPermission}
>      * to access a particular Credential.  The {@code Iterator}
>      * is nevertheless advanced to the next element in the {@code Set}.
> 
> I also added a similar paragraph as the first above to the
> getPublicCredentials() and getPrincipals() methods.
> 
> Updated webrev:
> http://cr.openjdk.java.net/~mullan/webrevs/7026255/webrev.02/
> 
> --Sean




More information about the security-dev mailing list