RFR 8209416: Refactoring GetPropertyAction calls in JGSS

Sean Mullan sean.mullan at oracle.com
Tue Aug 14 14:26:59 UTC 2018


On 8/14/18 1:04 AM, Weijun Wang wrote:
> 
> 
>> On Aug 14, 2018, at 3:11 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> I think this should be an enhancement, and not a bug. Is this mainly for a performance improvement?
> 
> Yes it's an enhancement.
> 
> Performance can be gained. Also, the privilegedGetProperty() method is already called in a lot of places. Using it everywhere makes the code looks consistent and simpler.
> 
>>
>> Also, this change puts more of a dependency on sun.security.action which I think we want to avoid, as it would be nice to eventually stop exporting sun.security.action so as to minimize the exports from java.base to the java.security.jgss module. You can double-check with Mandy or Alan on whether my line of thinking is correct on that.
> 
> I've talked with Mandy. She thinks it's OK now to continue using the sun.security.action since java.security.jgss is not upgradeable and there is no security concern. Also, I think using the same method now would be helpful if we want to switch to another method implemented inside the module some time in the future.

Ok.

--Sean

> 
> Thanks
> Max
> 
>>
>> Thanks,
>> Sean
>>
>> On 8/13/18 6:24 AM, Weijun Wang wrote:
>>> Please take a review at
>>>     http://cr.openjdk.java.net/~weijun/8209416/webrev.00/
>>> This is all about refactoring "AccessController.doPrivileged(new GetPropertyAction(x))" into "GetPropertyAction.privilegedGetProperty(x)".
>>> I've already introduced a new GetBooleanAction::privilegedGetProperty method.
>>> Noreg-cleanup.
>>> Thanks
>>> Max
> 



More information about the security-dev mailing list