-
Type:
Bug
-
Resolution: Cannot Reproduce
-
Priority:
P2
-
None
-
Affects Version/s: 1.4.0
-
Component/s: security-libs
-
None
-
generic
-
generic
If you use Subject.doAs(null, action), and the action causes a permission to be checked, SubjectDomainCombiner.combine throws a NullPointerException. Here's a simple test program:
import javax.security.auth.Subject;
import java.security.*;
public class Test {
public static void main(String[] args) {
Subject.doAs(null, new PrivilegedAction() {
public Object run() {
AccessController.getContext().checkPermission(new AllPermission());
return null;
}
});
}
}
import javax.security.auth.Subject;
import java.security.*;
public class Test {
public static void main(String[] args) {
Subject.doAs(null, new PrivilegedAction() {
public Object run() {
AccessController.getContext().checkPermission(new AllPermission());
return null;
}
});
}
}
- relates to
-
JDK-4371032 Subject.doAs[Privileged] with null subject could be more efficient
-
- Resolved
-