On Wed, 27 Oct 2021 12:46:57 GMT, Sean Mullan <mul...@openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   renames
>
> src/java.base/share/classes/javax/security/auth/Subject.java line 324:
> 
>> 322:     }
>> 323: 
>> 324:     // Store the current subject to a ThreadLocal when a system 
>> property is set.
> 
> nit: "... in a ThreadLocal ..."

Oops.

> src/java.base/share/classes/javax/security/auth/Subject.java line 360:
> 
>> 358:      * <p>
>> 359:      * No matter what storage is chosen, the current subject will
>> 360:      * always be installed by the {@link #callAs} method.
> 
> I'm not really sure if this sentence is necessary. It seems like it doesn't 
> need to be in the specification to me. The first sentence is clear enough to 
> me: "The current subject is installed by the {@link #callAs} method."

Removed.

> src/java.base/share/classes/javax/security/auth/Subject.java line 362:
> 
>> 360:      * always be installed by the {@link #callAs} method.
>> 361:      *
>> 362:      * @return the current subject. The return value can be
> 
> Suggest to combine this into one sentence: the current subject, or {@code 
> null} if a current subject is not installed or the current subject is set to 
> {@code null}."

OK.

> src/java.base/share/classes/javax/security/auth/Subject.java line 394:
> 
>> 392:      *
>> 393:      * @param subject the intended current subject for {@code action}.
>> 394:      *                Can be {@code null}.
> 
> Is it necessary to allow `null` in the new `callAs` method? Is there a use 
> case where this is useful? I know the `doAs` methods allowed it, but it looks 
> like they simply call `AccessController.doPrivileged` in that case w/o a 
> subject. Seems it would be simpler to not allow it and throw an NPE.

Maybe in a nested call that wants to clear out the existing subject 
temporarily? It could be useful.

-------------

PR: https://git.openjdk.java.net/jdk/pull/5024

Reply via email to