Review: release note for JDK-8015081

Jamil Nimeh jamil.j.nimeh at
Thu Jan 19 17:14:45 UTC 2017

Hello all,

Please review this one release note that documents a change in behavior 
for the Subject class and it's underlying SecureSet collections:

Original bug:
Release note:

Text of the release note:
Inputs to Subject class now prohibit null values in the constructors and 
modification operations on the Principal and credential Set objects 
returned by Subject methods.

For the non-default constructor, the principals, pubCredentials, and 
privCredentials parameters may not be null, nor may any element within 
the Sets be null. A NullPointerException will be thrown if null values 
are provided.

For operations performed on Set objects returned by getPrincipals(), 
getPrivateCredentials() and getPublicCredentials(), a 
NullPointerException is thrown under the following conditions:
* add(), remove(), or contains() provides a null parameter.
* addAll(), removeAll(), containsAll() or retainsAll() provides a 
Collection containing a null element.


More information about the security-dev mailing list