[8] Code Review Request for 7019834: Eliminate dependency from PolicyFile to com.sun.security.auth.PrincipalComparator (original) (raw)

Sean Mullan sean.mullan at oracle.com
Tue Jan 8 18:49:33 UTC 2013

On 01/05/2013 04:36 AM, Alan Bateman wrote:

On 28/12/2012 17:39, Sean Mullan wrote:

As part of the effort to prepare the platform for modules (see http://openjdk.java.net/jeps/162) we need to remove or deprecate undesirable dependencies. One of these is the dependency:

sun.security.provider.PolicyFile -> com.sun.security.auth.PrincipalComparator which is problematic since the com.sun.security.auth package is not intended to be part of the base module. The solution is to add an implies method to the java.security.Principal interface. Existing PrincipalComparator implementations must also implement Principal if they are to be used by the default "JavaPolicy" Policy implementation. This change will allow us to remove the dependency on the PrincipalComparator class and preserve compatibility. Since java.security.Principal is an interface, this change requires the new default method feature of lambda. webrev: http://cr.openjdk.java.net/~mullan/webrevs/7019834/webrev.00/ Thanks, Sean This looks very good to me and good to have this dependency issue finally resolved. Minor comment is that it might be better to use {@code Principal} rather than "principal" in the method description.

That seems to be a somewhat subjective style issue. Some APIs do that while others don't (ex: java.util.Collection refers to itself as "this collection"). Since the rest of the Principal API doesn't do this, I left it as is for consistency.

In PolicyFile it looks like there are 8 or so imports of permission classes commented out - should this be removed?

I've removed it (as well as the lines in getKnownInstance that were commented out.

--Sean

More information about the security-dev mailing list