RFR: 8296244: Alternate implementation of user-based authorization Subject APIs that doesn’t depend on Security Manager APIs [v6]

Sean Mullan mullan at openjdk.org
Wed Mar 13 20:09:09 UTC 2024 

On Tue, 5 Mar 2024 19:56:58 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> This code change adds an alternative implementation of user-based authorization `Subject` APIs that doesn't depend on Security Manager APIs. Depending on if the Security Manager is allowed, the methods store the current subject differently. See the spec change in the `Subject.java` file for details. When the Security Manager APIs are finally removed in a future release, this new implementation will be only implementation for these methods.
>> 
>> One major change in the new implementation is that `Subject.getSubject` always throws an `UnsupportedOperationException` since it has an `AccessControlContext` argument but the current subject is no longer associated with an `AccessControlContext` object.
>> 
>> Now it's the time to migrate from the `getSubject` and `doAs` methods to `current` and `callAs`. If the user application is simply calling `getSubject(AccessController.getContext())`, then switching to `current()` would work. If the `AccessControlContext` argument is retrieved from an earlier `getContext()` call and the associated subject might be different from that of the current `AccessControlContext`, then instead of storing the previous `AccessControlContext` object and passing it into `getSubject` to get the "previous" subject, the application should store the `current()` return value directly.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   revert changes to MBeanServerFileAccessController.java

test/jdk/javax/security/auth/Subject/CallAsWithScopedValue.java line 29:

> 27:  * @enablePreview
> 28:  * @summary Implement Subject.current and Subject.callAs using scoped values.
> 29:  *      Need @enablePreview to use StructuredTaskScope.

jtreg throws a `ParseException` because I think it tries to interpret it as an `@enablePreview` action. Suggest enclosing it in double quotes.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/17472#discussion_r1523838888

More information about the serviceability-dev mailing list