stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8233222: Clarify system property usage in KerberosPrincipal instantiation

Browse Source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2019-12-07 09:40:28 +08:00
parent 6a547f9574
commit 36bd09dead
1 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
View File

@ -106,10 +106,19 @@ public final class KerberosPrincipal
* *
* <p>If the input name does not contain a realm, the default realm * <p>If the input name does not contain a realm, the default realm
* is used. The default realm can be specified either in a Kerberos * is used. The default realm can be specified either in a Kerberos
* configuration file or via the java.security.krb5.realm * configuration file or via the {@systemproperty java.security.krb5.realm}
* system property. For more information, see the * system property. For more information, see the
* {@extLink security_guide_jgss_tutorial Kerberos Requirements}. * {@extLink security_guide_jgss_tutorial Kerberos Requirements}.
* Additionally, if a security manager is *
* <p>Note that when this class or any other Kerberos-related class is
* initially loaded and initialized, it may read and cache the default
* realm from the Kerberos configuration file or via the
* java.security.krb5.realm system property (the value will be empty if
* no default realm is specified), such that any subsequent calls to set
* or change the default realm by setting the java.security.krb5.realm
* system property may be ignored.
*
* <p>Additionally, if a security manager is
* installed, a {@link ServicePermission} must be granted and the service * installed, a {@link ServicePermission} must be granted and the service
* principal of the permission must minimally be inside the * principal of the permission must minimally be inside the
* {@code KerberosPrincipal}'s realm. For example, if the result of * {@code KerberosPrincipal}'s realm. For example, if the result of
@ -146,10 +155,19 @@ public final class KerberosPrincipal
* *
* <p>If the input name does not contain a realm, the default realm * <p>If the input name does not contain a realm, the default realm
* is used. The default realm can be specified either in a Kerberos * is used. The default realm can be specified either in a Kerberos
* configuration file or via the java.security.krb5.realm * configuration file or via the {@systemproperty java.security.krb5.realm}
* system property. For more information, see the * system property. For more information, see the
* {@extLink security_guide_jgss_tutorial Kerberos Requirements}. * {@extLink security_guide_jgss_tutorial Kerberos Requirements}.
* Additionally, if a security manager is *
* <p>Note that when this class or any other Kerberos-related class is
* initially loaded and initialized, it may read and cache the default
* realm from the Kerberos configuration file or via the
* java.security.krb5.realm system property (the value will be empty if
* no default realm is specified), such that any subsequent calls to set
* or change the default realm by setting the java.security.krb5.realm
* system property may be ignored.
*
* <p>Additionally, if a security manager is
* installed, a {@link ServicePermission} must be granted and the service * installed, a {@link ServicePermission} must be granted and the service
* principal of the permission must minimally be inside the * principal of the permission must minimally be inside the
* {@code KerberosPrincipal}'s realm. For example, if the result of * {@code KerberosPrincipal}'s realm. For example, if the result of