[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-security-dev
Subject: Re: RFR: Re-enable support for non-Principal implementations of PrincipalComparator
From: Sean Mullan <sean.mullan () oracle ! com>
Date: 2013-02-27 21:43:33
Message-ID: 512E7E05.1000109 () oracle ! com
[Download RAW message or body]
On 02/27/2013 06:24 AM, Alan Bateman wrote:
> On 26/02/2013 18:36, Neil Richards wrote:
>> Hi Sean,
>> Thanks for your quick response.
>>
>> I admit, I hadn't spotted the description of the policy file syntax to
>> which you point.
>>
>> (In my defence, it's a lot easier to overlook than the explicit wording
>> that I found at the top of PrincipalComparator's Javadoc).
>>
>> Just for info, are there other scenarios where (non-Principal)
>> PrincipalComparator impls can (still) be used, which matches that class'
>> Javadoc ?
Yes, I believe the legacy JAAS PolicyFile implementation
(com.sun.security.auth.PolicyFile) supports PrincipalComparator classes
that don't implement Principal, though I have not tested that to confirm.
>> And do these other scenarios also (already) support the use of
>> Principal.implies() ?
No for the case above, but the JAAS PolicyFile API is deprecated so I
don't think we need to enhance that to support the new Principal.implies
method.
>> I think your answer may have obviated my desire for using the suggested
>> fix.
>> I'm asking around nearby to see if evidence of real use breakage can be
>> found, and will tug on this thread again if/when I have something more
>> to share on this.
>>
> I'll leave it to Sean to comment on this but just to mention that if
> this reflective dependency is added then I think it would be good to
> plan to remove it in jdk9. I suggest this because PolicyFile will most
> likely end up in our base/core module whereas the JDK-specific API to
> JAAS (com.sun.security.auth) may not.
I think we should just wait a bit and see if anything comes up after the
developer preview is released.
Thanks,
Sean
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic