On Fri, 22 Oct 2021 22:13:51 GMT, Bernd <d...@openjdk.java.net> wrote:
>> src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java
>> line 107:
>>
>>> 105: */
>>> 106: public static ServiceCreds getServiceCreds(GSSCaller caller,
>>> 107: String serverPrincipal) throws LoginException {
>>
>> What would be the new way to pass an authentication context on, passing the
>> subject directly? (In case of Krb5AcceptCredential acc is actually the
>> current one)
>
> What about the Kerberos cipher suite callsite mentioned in the comment? If no
> longer used, can this be made not Public (and remove the comment)
Yes, it's better to pass the subject directly. Whoever wants their code to
continue working after the SecurityManager is completely removed should not use
AccessControlContext anymore.
Yes, the JSSE comment is useless now. I thought it was still used by older TLS
versions.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5024
