RFR: 8267108: Alternate Subject.getSubject and doAs APIs that do not depend on Security Manager APIs [v2]
Sean Mullan
mullan at openjdk.java.net
Wed Oct 27 13:52:18 UTC 2021
On Wed, 27 Oct 2021 12:45:57 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> renames
>
> src/java.base/share/classes/javax/security/auth/Subject.java line 296:
>
>> 294: * which is equivalent to
>> 295: * {@code Subject.getSubject(AccessController.getContext())}
>> 296: * by default in this implementation.
>
> I don't think you need the words "by default".
I suggest changing the last sentence to two sentences: "However, obtaining a Subject is useful independent of the Security Manager. Thus, a replacement API named {@link #current()} has been added which can be used to obtain the current subject."
I don't think you need to describe the default implementation here because it is hard to explain that succinctly -- just keep that info in `current`.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5024
More information about the security-dev
mailing list