RFR: JDK-8290975 Minor cleanup could be done in javax.security
Mark Powers
mpowers at openjdk.org
Thu Aug 4 20:26:03 UTC 2022
On Wed, 3 Aug 2022 14:37:20 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> https://bugs.openjdk.org/browse/JDK-8290975
>
> src/java.base/share/classes/javax/security/auth/PrivateCredentialPermission.java line 130:
>
>> 128: * @serial
>> 129: */
>> 130: private final boolean testing = false;
>
> This should really use java.security.debug so this tracing can be enabled at runtime, but that's probably more of a separate fix - feel free to file a separate issue.
I'll file a bug later today and add to this bug report.
> src/java.base/share/classes/javax/security/auth/Subject.java line 28:
>
>> 26: package javax.security.auth;
>> 27:
>> 28: import sun.security.util.ResourcesMgr;
>
> I suggest putting the internal imports below the java.* or other standard imports. This isn't a rule, but is more consistent with other code.
IJ complains about unnecessary imports and asks If I want to let it automatically optimize them. I always answer "yes". I'll fix as you suggest.
> src/java.base/share/classes/javax/security/auth/Subject.java line 854:
>
>> 852: *
>> 853: * <p> If a security manager is installed, the caller must have a
>> 854: * {@link PrivateCredentialPermission} to access all the requested
>
> Hmm. I think the previous text was more correct/readable.
Okay. I'll revert the change. It was just an IJ suggestion.
> src/java.base/share/classes/javax/security/auth/x500/X500Principal.java line 94:
>
>> 92: * NOTE: The constructor is package private. It is intended to be accessed
>> 93: * using privileged reflection from classes in sun.security.*.
>> 94: * Currently, referenced from sun.security.x509.X500Name.asX500Principal().
>
> Change to "Currently, it is referenced from ..."
Okay.
-------------
PR: https://git.openjdk.org/jdk/pull/9664
More information about the security-dev
mailing list