RFR 8231365, 8231196: bugs on kerberos permissions

Weijun Wang weijun.wang at oracle.com
Fri Oct 11 03:30:52 UTC 2019


Webrev updated at https://cr.openjdk.java.net/~weijun/8231365/webrev.01.

I've also created a CSR at https://bugs.openjdk.java.net/browse/JDK-8232155. Please take a review.

Thanks
Max

> On Oct 4, 2019, at 10:06 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> The changes for ServicePermission look fine. For DelegationPermission, I have a couple of comments:
> 
> - The test has the wrong copyright (no need for the "Classpath" exception)
> - I think we should clarify the specification of DelegationPermission constructors for the @throws IllegalArgumentException. It currently says:
> 
> * @throws IllegalArgumentException if {@code principals} is empty.
> 
> But with your fix, it also throws IllegalArgumentExc if principals does not contain a pair. Also, the current code throws IAE if there is a syntax error. So I would propose:
> 
> * @throws IllegalArgumentException if {@code principals} is empty, or does not contain a pair of principals, or is improperly quoted
> 
> --Sean
> 
> On 9/25/19 10:50 PM, Weijun Wang wrote:
>> Please take a review at
>>    https://cr.openjdk.java.net/~weijun/8231365/webrev.00
>> Thanks,
>> Max




More information about the security-dev mailing list