RFR: 8333344: JMX attaching of Subject does not work when security manager not allowed [v10]

[Weijun Wang]

On Thu, 13 Jun 2024 20:54:25 GMT, Kevin Walls <kevinw at openjdk.org> wrote:

>> JMX uses APIs related to the Security Mananger which are deprecated.  Use of AccessControlContext will be removed when Security Manager is removed.
>> 
>> Until then, updates are needed to not require setting  -Djava.security.manager=allow to use JMX authentication.
>
> Kevin Walls has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Separate SM allowed and not allowed cases

I don't quite understand why there is no more `noPermissionsACC` in `Monotor.java`. This looks like the only behavior change when SM is allowed. The other source change looks fine to me.

src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java line 1461:

> 1459:                 throw rte;
> 1460:             } else {
> 1461:                 throw new PrivilegedActionException(e);

The 4 lines above seems unnecessary now. Plus, do not wrap `PrivilegedActionException` inside `PrivilegedActionException`.

src/java.management/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java line 353:

> 351:         } else {
> 352:             return Subject.getSubject(AccessController.getContext());
> 353:         }

`Subject.current()` should work for both cases. See the impl of it.

-------------

PR Review: https://git.openjdk.org/jdk/pull/19624#pullrequestreview-2118220033
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1639720192
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1639721194