On Tue, 30 Jan 2024 21:58:28 GMT, Weijun Wang wrote:
>> This code change adds an alternative implementation of user-based
>> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
>> Depending on if the Security Manager is allowed, the methods store the
>> current subject d
On Tue, 30 Jan 2024 21:58:28 GMT, Weijun Wang wrote:
>> This code change adds an alternative implementation of user-based
>> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
>> Depending on if the Security Manager is allowed, the methods store the
>> current subject d
On Tue, 30 Jan 2024 21:58:28 GMT, Weijun Wang wrote:
>> This code change adds an alternative implementation of user-based
>> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
>> Depending on if the Security Manager is allowed, the methods store the
>> current subject d
On Tue, 30 Jan 2024 21:58:28 GMT, Weijun Wang wrote:
>> This code change adds an alternative implementation of user-based
>> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
>> Depending on if the Security Manager is allowed, the methods store the
>> current subject d
On Mon, 4 Mar 2024 15:28:28 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> src/java.management/share/classes/com/sun/jmx/remote/security/MBe
On Mon, 4 Mar 2024 19:51:38 GMT, Weijun Wang wrote:
>> src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java
>> line 309:
>>
>>> 307: final Subject s;
>>> 308: if (!SharedSecrets.getJavaLangAccess().allowSecurityManager())
>>> {
>>>
On Mon, 4 Mar 2024 15:15:54 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> test/jdk/javax/management/monitor/ThreadPoolAccTest.java line 69:
On Mon, 4 Mar 2024 15:47:41 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> test/jdk/javax/security/auth/Subject/CallAsWithScopedValue.java l
On Mon, 4 Mar 2024 16:17:14 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix MBeanServerFileAccessController, more test in SM
>
> src/java.base/share/classes/javax/security/auth/Subject.java line
On Mon, 4 Mar 2024 19:57:25 GMT, Sean Mullan wrote:
>> I was not exactly sure if we will support this functionality when there is
>> no SM. The class name has `AccessControler` and the method names use
>> `checkAccess`, but they actually do not always depend on security manager.
>
> I think we
On Tue, 5 Mar 2024 11:36:53 GMT, Kevin Walls wrote:
>> I think we need @kevinjwalls or @dfuch to help advise on this.
>
> Right, this does not depend on the SM. All we need to do is get the Subject.
> This method implements the basic monitor (readonly) and control (readwrite)
> access.
> acces
On Tue, 5 Mar 2024 14:44:29 GMT, Weijun Wang wrote:
>> Right, this does not depend on the SM. All we need to do is get the
>> Subject.
>> This method implements the basic monitor (readonly) and control (readwrite)
>> access.
>> accessMap maps identity String to Access, and the checkAccess() m
On Tue, 5 Mar 2024 16:49:01 GMT, Kevin Walls wrote:
>> Do you know where the subject is set? If it's set by a `doAs` call then it
>> will co-operate with `current()` no matter if SM is allowed. I tried to
>> search in the whole module and cannot find a `doAs` call. If it is also
>> through `Su
On Tue, 5 Mar 2024 19:53:46 GMT, Weijun Wang wrote:
>> Subject is stored in the RMIConnectionImpl:
>> src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
>>
>> (That is complicated by SubjectDelegation, which we deprecated for removal.
>> I have the PR out
> This code change adds an alternative implementation of user-based
> authorization `Subject` APIs that doesn't depend on Security Manager APIs.
> Depending on if the Security Manager is allowed, the methods store the
> current subject differently. See the spec change in the `Subject.java` file
On Tue, 30 Jan 2024 16:41:28 GMT, Weijun Wang wrote:
>> src/java.management/share/classes/com/sun/jmx/remote/security/MBeanServerFileAccessController.java
>> line 307:
>>
>>> 305: AccessController.doPrivileged(new PrivilegedAction<>() {
>>> 306: public Subject ru
16 matches
Mail list logo
