-
CSR
-
Resolution: Approved
-
P3
-
None
-
behavioral
-
minimal
-
-
Java API
-
SE
Summary
Update the spec of 2 DelegationPermission constructors to precisely describe when an IllegalArgumentException would be thrown.
Problem
The current spec shows @throws IllegalArgumentException if {@code principals} is empty but the exception is also thrown when the argument is not correctly quoted. Also, when the argument does not contain a pair of principals, the constructor will succeed but the service principal inside is null and any method called on the newly created object would throw a NPE. This should also be dealt with in the constructors.
Solution
See spec below.
Specification
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
@@ -78,7 +78,8 @@
* @param principals the name of the subordinate and target principals
*
* @throws NullPointerException if {@code principals} is {@code null}.
- * @throws IllegalArgumentException if {@code principals} is empty.
+ * @throws IllegalArgumentException if {@code principals} is empty,
+ * or does not contain a pair of principals, or is improperly quoted
*/
public DelegationPermission(String principals) {
super(principals);
@@ -94,7 +95,8 @@
* @param actions should be null.
*
* @throws NullPointerException if {@code principals} is {@code null}.
- * @throws IllegalArgumentException if {@code principals} is empty.
+ * @throws IllegalArgumentException if {@code principals} is empty,
+ * or does not contain a pair of principals, or is improperly quoted
*/
public DelegationPermission(String principals, String actions) {
super(principals, actions);- csr of
-
JDK-8231196 DelegationPermission allows to create an instance that thows NPE on ::equals call
-
- Resolved
-
- relates to
-
-
- Closed
-