- CSR
- Resolution: Approved
- P3
- None
- behavioral
- minimal
- These access control decisions are no longer enforced now that the Security Manager is permanently disabled.
- Java API
- SE
Summary
Some additional text about the access control context in the javax.net.ssl.SSLEngine and javax.net.ssl.SSLSession APIs should be removed, because it is no longer applicable now that JEP 486 has been integrated.
Problem
The specified text no longer applies and is not implemented.
Solution
Remove the text. See Specification below for changes.
Specification
In the SSLEngine class description, this paragraph should be removed:
"Applications might choose to process delegated tasks in different threads. When an {@code SSLEngine} is created, the current {@link java.security.AccessControlContext} is saved. All future delegated tasks will be processed using this context: that is, all access control decisions will be made using the context captured at engine creation."
The following text should also be removed from the getDelegatedTask method of SSLEngine:
"Delegated tasks run in the {@code AccessControlContext} in place when this object was created."
In SSLSession, the following text should be removed from the putValue, getValue, removeValue, and getValueNames methods:
"For security reasons, the same named values may not be visible across different access control contexts."
The following text should also be removed from the name parameter of the removeValue method: "visible across different access control contexts"
- csr of
- JDK-8344652 Remove access control context text from SSLEngine and SSLSession APIs
- Resolved