[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-security-dev
Subject:    Post-JEP411 request: callAs(Supplier<Subject>) Re: RFR: 8267108: Alternate Subject.getSubject and do
From:       Chapman Flack <chap () anastigmatix ! net>
Date:       2021-10-28 17:48:19
Message-ID: 617AE263.5050306 () anastigmatix ! net
[Download RAW message or body]

On 10/28/21 13:25, Weijun Wang wrote:
>>> New `Subject` APIs `current()` and `callAs()` are created ...
>>> where the `callAs()` method stores the subject into a `ThreadLocal`
>>> object and the `current()` method returns it


That approach is simple and sweet. There is a case it doesn't cover,
where the Java runtime is embedded in a larger application where the
identity could change during upcalls from Java into the embedding app.

For those cases, it is better to be able to pass callAs a Supplier<Subject>
rather than a single unchanging Subject.

The effect was achievable in the pre-JEP411 world by installing
a suitably clever DomainCombiner, but with the current proposed replacement
the ability would be lost.

Naturally, it would be simple to support the callAs(Subject s) common case
as well, and simply store () -> s in the ThreadLocal.

Regards,
-Chap
[prev in list] [next in list] [prev in thread] [next in thread]