RFR: 8296244: Alternate implementation of user-based authorization Subject APIs that doesn’t depend on Security Manager APIs [v3]
Weijun Wang
weijun at openjdk.org
Mon Mar 4 20:49:54 UTC 2024
On Mon, 4 Mar 2024 16:17:14 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> src/java.base/share/classes/javax/security/auth/Subject.java line 120:
>
>> 118: * {@code getSubject(AccessControlContext)} method.
>> 119: * <li>If a security manager is not allowed, which means it
>> 120: * {@linkplain System#setSecurityManager is not set and not allowed to be set
>
> I think `SecurityManager.html#set-security-manager` is a better (more informative) link. Also, not sure why it is linked here but not in the "If a security manager is allowed" paragraph. If you link it in the first sentence ("These methods behave differently ...) then you probably only need one link and don't need this link.
OK.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17472#discussion_r1511771517
More information about the serviceability-dev
mailing list