In the first sentence I would give the fully qualified name
(javax.security.auth.Subject) instead of just Subject to provide a bit
more context. Otherwise, looks good.
--Sean
On 1/19/17 12:14 PM, Jamil Nimeh wrote:
Hello all,
Please review this one release note that documents a change in behavior
for the Subject class and it's underlying SecureSet collections:
Original bug: https://bugs.openjdk.java.net/browse/JDK-8015081
Release note: https://bugs.openjdk.java.net/browse/JDK-8173069
Text of the release note:
--------------------------------------
Inputs to Subject class now prohibit null values in the constructors and
modification operations on the Principal and credential Set objects
returned by Subject methods.
For the non-default constructor, the principals, pubCredentials, and
privCredentials parameters may not be null, nor may any element within
the Sets be null. A NullPointerException will be thrown if null values
are provided.
For operations performed on Set objects returned by getPrincipals(),
getPrivateCredentials() and getPublicCredentials(), a
NullPointerException is thrown under the following conditions:
* add(), remove(), or contains() provides a null parameter.
* addAll(), removeAll(), containsAll() or retainsAll() provides a
Collection containing a null element.
--------------------------------------
Thanks,
--Jamil
