RFR: 8333344: JMX attaching of Subject does not work when security manager not allowed
Alan Bateman
alanb at openjdk.org
Mon Jun 10 14:31:12 UTC 2024
On Mon, 10 Jun 2024 11:28:28 GMT, Kevin Walls <kevinw at openjdk.org> wrote:
> JMX uses APIs related to the Security Mananger which are deprecated. Use of AccessControlContext will be removed when Security Manager is removed.
>
> Until then, updates are needed to not require setting -Djava.security.manager=allow to use JMX authentication.
src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java line 1634:
> 1632: } else {
> 1633: // We have ACC therefore SM is permitted, and Subject must be non-null:
> 1634: return Subject.doAs(subject, (PrivilegedExceptionAction<T>) () -> AccessController.doPrivileged((PrivilegedExceptionAction<T>) () -> wrappedClass.cast(mo.get()), acc));
This is not readable. If you create the PAEs explicitly then the casts will go away and it will be much easier to read.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1633351429
More information about the serviceability-dev
mailing list