Mercurial > hg > release > icedtea7-forest-2.4 > jdk

changeset 7279:4e3fb3d5d4bf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8029286: Enhance subject delegation Reviewed-by: dfuchs, ahgross
author jbachorik
date Mon, 23 Dec 2013 14:29:27 +0100
parents 0c16ba816e4f
children 42e68c7fbe98
files src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java
diffstat 1 files changed, 13 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Mon Jan 13 16:14:55 2014 -0800
+++ b/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Mon Dec 23 14:29:27 2013 +0100
@@ -35,6 +35,8 @@
 import javax.management.remote.SubjectDelegationPermission;
 
 import com.sun.jmx.remote.util.CacheMap;
+import java.util.ArrayList;
+import java.util.Collection;
 
 public class SubjectDelegator {
     private static final int PRINCIPALS_CACHE_SIZE = 10;
@@ -53,11 +55,14 @@
                          boolean removeCallerContext)
             throws SecurityException {
 
+        if (System.getSecurityManager() != null && authenticatedACC == null) {
+            throw new SecurityException("Illegal AccessControlContext: null");
+        }
         if (principalsCache == null || accCache == null) {
             principalsCache =
-                    new CacheMap<Subject, Principal[]>(PRINCIPALS_CACHE_SIZE);
+                    new CacheMap<>(PRINCIPALS_CACHE_SIZE);
             accCache =
-                    new CacheMap<Subject, AccessControlContext>(ACC_CACHE_SIZE);
+                    new CacheMap<>(ACC_CACHE_SIZE);
         }
 
         // Retrieve the principals for the given
@@ -101,14 +106,15 @@
         // principal in the delegated subject
         //
         final Principal[] dp = delegatedPrincipals;
+        final Collection<Permission> permissions = new ArrayList<>(dp.length);
+        for(Principal p : dp) {
+            final String pname = p.getClass().getName() + "." + p.getName();
+            permissions.add(new SubjectDelegationPermission(pname));
+        }
         PrivilegedAction<Void> action =
             new PrivilegedAction<Void>() {
                 public Void run() {
-                    for (int i = 0 ; i < dp.length ; i++) {
-                        final String pname =
-                            dp[i].getClass().getName() + "." + dp[i].getName();
-                        Permission sdp =
-                            new SubjectDelegationPermission(pname);
+                    for (Permission sdp : permissions) {
                         AccessController.checkPermission(sdp);
                     }
                     return null;