Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8344653

Remove access control context text from SSLEngine and SSLSession APIs

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P3 P3
    • 24
    • security-libs
    • None
    • behavioral
    • minimal
    • These access control decisions are no longer enforced now that the Security Manager is permanently disabled.
    • Java API
    • SE

      Summary

      Some additional text in the javax.net.ssl.SSLEngine and javax.net.ssl.SSLSession APIs should be removed about access control context which is no longer applicable after JEP 486 has been integrated.

      Problem

      The specified text no longer applies and is not implemented.

      Solution

      Remove the text. See Specification below for changes.

      Specification

      In the SSLEngine class description, this paragraph should be removed:

      "Applications might choose to process delegated tasks in different threads. When an {@code SSLEngine} is created, the current {@link java.security.AccessControlContext} is saved. All future delegated tasks will be processed using this context: that is, all access control decisions will be made using the context captured at engine creation."

      The following text should also be removed from the getDelegatedTask method of SSLEngine:

      "Delegated tasks run in the {@code AccessControlContext} in place when this object was created."

      In SSLSession, the following text should be removed from the putValue, getValue, removeValue, and getValueNames methods:

      "For security reasons, the same named values may not be visible across different access control contexts."

      The following text should also be removed from the name parameter of the removeValue method: "visible across different access control contexts"

            mullan Sean Mullan
            mullan Sean Mullan
            Roger Riggs
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: