On Mon, 10 Jun 2024 11:28:28 GMT, Kevin Walls <kev...@openjdk.org> wrote:
> JMX uses APIs related to the Security Mananger which are deprecated. Use of
> AccessControlContext will be removed when Security Manager is removed.
>
> Until then, updates are needed to not require setting
> -Djava.security.manager=allow to use JMX authentication.
src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
line 1634:
> 1632: } else {
> 1633: // We have ACC therefore SM is permitted, and
> Subject must be non-null:
> 1634: return Subject.doAs(subject,
> (PrivilegedExceptionAction<T>) () ->
> AccessController.doPrivileged((PrivilegedExceptionAction<T>) () ->
> wrappedClass.cast(mo.get()), acc));
This is not readable. If you create the PAEs explicitly then the casts will go
away and it will be much easier to read.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1633351429
