RFR: 8267108: Alternate Subject.getSubject and doAs APIs that do not depend on Security Manager APIs [v2]

[Weijun Wang]

On Mon, 25 Oct 2021 19:52:06 GMT, Bernd <duke at openjdk.java.net> wrote:

>> Sure, I can. I was testing the default value to "false" at some time and found `"true".equals` and `!"false".equals` symmetric and good-looking. :-)
>
> It probably doesn’t matter to have the Logic centralized, just looked a bit hardcoded (who knows if yes/no/1/0 is wanted as well ,).

OK, switch to GetBooleanAction.

>> I said "After {@code action} is finished, the current subject is reset to its previous value". Is that what you meant?
>
> My question was more along the line of Post-Security-manager. Will you always be able to call Subject.doAs - especially with null? And if this can already be speced if it might be rejected or not… (the „after finished“ is well documented)

Before the method is removed (It's deprecated from removal), you should always be able to call it with whatever subject including null. If there's no more AccessControlContext we might even have to implement it with callAs.

-------------

PR: https://git.openjdk.java.net/jdk/pull/5024