RFR 8231365, 8231196: bugs on kerberos permissions

Sean Mullan sean.mullan at oracle.com
Mon Oct 28 12:08:31 UTC 2019


On 10/27/19 11:04 PM, Weijun Wang wrote:
> Thanks and I've finalized the CSR. A release note is created at https://bugs.openjdk.java.net/browse/JDK-8233043.

I tweaked the Description a little - if you are ok with it, you can mark 
it Resolved.

--Sean

> 
> --Max
> 
>> On Oct 26, 2019, at 1:38 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> Looks good, I added my name as Reviewer to the CSR. You should also add a release note for 8231196.
>>
>> --Sean
>>
>> On 10/10/19 11:30 PM, Weijun Wang wrote:
>>> Webrev updated at https://cr.openjdk.java.net/~weijun/8231365/webrev.01.
>>> I've also created a CSR at https://bugs.openjdk.java.net/browse/JDK-8232155. Please take a review.
>>> Thanks
>>> Max
>>>> On Oct 4, 2019, at 10:06 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>>>
>>>> The changes for ServicePermission look fine. For DelegationPermission, I have a couple of comments:
>>>>
>>>> - The test has the wrong copyright (no need for the "Classpath" exception)
>>>> - I think we should clarify the specification of DelegationPermission constructors for the @throws IllegalArgumentException. It currently says:
>>>>
>>>> * @throws IllegalArgumentException if {@code principals} is empty.
>>>>
>>>> But with your fix, it also throws IllegalArgumentExc if principals does not contain a pair. Also, the current code throws IAE if there is a syntax error. So I would propose:
>>>>
>>>> * @throws IllegalArgumentException if {@code principals} is empty, or does not contain a pair of principals, or is improperly quoted
>>>>
>>>> --Sean
>>>>
>>>> On 9/25/19 10:50 PM, Weijun Wang wrote:
>>>>> Please take a review at
>>>>>     https://cr.openjdk.java.net/~weijun/8231365/webrev.00
>>>>> Thanks,
>>>>> Max
> 


More information about the security-dev mailing list