Review: release note for JDK-8015081

Sean Mullan sean.mullan at
Thu Jan 26 19:27:25 UTC 2017

In the first sentence I would give the fully qualified name 
( instead of just Subject to provide a bit 
more context. Otherwise, looks good.


On 1/19/17 12:14 PM, Jamil Nimeh wrote:
> Hello all,
> Please review this one release note that documents a change in behavior
> for the Subject class and it's underlying SecureSet collections:
> Original bug:
> Release note:
> Text of the release note:
> --------------------------------------
> Inputs to Subject class now prohibit null values in the constructors and
> modification operations on the Principal and credential Set objects
> returned by Subject methods.
> For the non-default constructor, the principals, pubCredentials, and
> privCredentials parameters may not be null, nor may any element within
> the Sets be null. A NullPointerException will be thrown if null values
> are provided.
> For operations performed on Set objects returned by getPrincipals(),
> getPrivateCredentials() and getPublicCredentials(), a
> NullPointerException is thrown under the following conditions:
> * add(), remove(), or contains() provides a null parameter.
> * addAll(), removeAll(), containsAll() or retainsAll() provides a
> Collection containing a null element.
> --------------------------------------
> Thanks,
> --Jamil

More information about the security-dev mailing list