RFR: JDK-8290975 Minor cleanup could be done in javax.security
Sean Mullan
mullan at openjdk.org
Wed Aug 3 15:03:43 UTC 2022
On Wed, 27 Jul 2022 20:24:19 GMT, Mark Powers <mpowers at openjdk.org> wrote:
> https://bugs.openjdk.org/browse/JDK-8290975
src/java.base/share/classes/javax/security/auth/PrivateCredentialPermission.java line 130:
> 128: * @serial
> 129: */
> 130: private final boolean testing = false;
This should really use java.security.debug so this tracing can be enabled at runtime, but that's probably more of a separate fix - feel free to file a separate issue.
src/java.base/share/classes/javax/security/auth/Subject.java line 28:
> 26: package javax.security.auth;
> 27:
> 28: import sun.security.util.ResourcesMgr;
I suggest putting the internal imports below the java.* or other standard imports. This isn't a rule, but is more consistent with other code.
src/java.base/share/classes/javax/security/auth/Subject.java line 854:
> 852: *
> 853: * <p> If a security manager is installed, the caller must have a
> 854: * {@link PrivateCredentialPermission} to access all the requested
Hmm. I think the previous text was more correct/readable.
src/java.base/share/classes/javax/security/auth/callback/NameCallback.java line 45:
> 43: * @since 1.4
> 44: */
> 45: private final String prompt;
I think you can also mark `defaultName` final.
src/java.base/share/classes/javax/security/auth/callback/TextInputCallback.java line 46:
> 44: * @since 1.4
> 45: */
> 46: private final String prompt;
I think you can also mark `defaultText` final.
src/java.base/share/classes/javax/security/auth/x500/X500Principal.java line 94:
> 92: * NOTE: The constructor is package private. It is intended to be accessed
> 93: * using privileged reflection from classes in sun.security.*.
> 94: * Currently, referenced from sun.security.x509.X500Name.asX500Principal().
Change to "Currently, it is referenced from ..."
-------------
PR: https://git.openjdk.org/jdk/pull/9664
More information about the security-dev
mailing list