RFR: 8267108: Alternate Subject.getSubject and doAs APIs that do not depend on Security Manager APIs [v2]
Weijun Wang
weijun at openjdk.java.net
Mon Oct 25 18:06:13 UTC 2021
On Fri, 22 Oct 2021 21:45:25 GMT, Bernd <duke at openjdk.java.net> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> renames
>
> src/java.base/share/classes/javax/security/auth/Subject.java line 325:
>
>> 323:
>> 324: // Store the current subject to a ThreadLocal when a system property is set.
>> 325: private static final boolean USE_TL = "true".equalsIgnoreCase(
>
> Can you use GetBooleanAction.privilegedGetProperty instead?
Sure, I can. I was testing the default value to "false" at some time and found `"true".equals` and `!"false".equals` symmetric and good-looking. :-)
> src/java.base/share/classes/javax/security/auth/Subject.java line 349:
>
>> 347: * the one of its parent thread, and will not change even if
>> 348: * its parent thread's current subject is changed to another value.
>> 349: *
>
> Should it say something about installing or unsettling the subject in a nested execution (if it can be restricted)?
I said "After {@code action} is finished, the current subject is reset to its previous value". Is that what you meant?
> src/java.base/share/classes/javax/security/auth/Subject.java line 393:
>
>> 391: * always be retrievable by the {@link #current} method.
>> 392: *
>> 393: * @param subject the intended current subject for {@code action}.
>
> The „current“ could be removed to make it less complex to read? (Especially if the next parameter still uses the „current“ term.
OK, I can choose the existing `doAs` style. `the {@code Subject} that the specified {@code action} will run as`. I admit I specified this "current subject" too much. I even wanted to invent an acronym for it.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5024
More information about the security-dev
mailing list