8077055: Allow other named SecurityPermissions, RuntimePermissions, and AuthPermissions to be used

Reviewed-by: weijun
2015-08-11 08:48:18 -04:00 · 2015-08-11 08:48:18 -04:00 · 784379f7a4
commit 784379f7a4
parent 1104878b02
3 changed files with 43 additions and 36 deletions
--- a/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
+++ b/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
@ -31,22 +31,19 @@ import java.util.Hashtable;
 import java.util.StringTokenizer;

 /**
- * This class is for runtime permissions. A RuntimePermission
- * contains a name (also referred to as a "target name") but
- * no actions list; you either have the named permission
- * or you don't.
- *
- * <P>
+ * This class is for runtime permissions. A {@code RuntimePermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
+ * <p>
 * The target name is the name of the runtime permission (see below). The
 * naming convention follows the  hierarchical property naming convention.
- * Also, an asterisk
- * may appear at the end of the name, following a ".", or by itself, to
- * signify a wildcard match. For example: "loadLibrary.*" and "*" signify a
- * wildcard match, while "*loadLibrary" and "a*b" do not.
- * <P>
- * The following table lists all the possible RuntimePermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * Also, an asterisk may appear at the end of the name, following a ".",
+ * or by itself, to signify a wildcard match. For example: "loadLibrary.*"
+ * and "*" signify a wildcard match, while "*loadLibrary" and "a*b" do not.
+ * <p>
+ * The following table lists the standard {@code RuntimePermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
 *
 * <table border=1 cellpadding=5 summary="permission target name,
 *  what the target allows,and associated risks">
@ -353,6 +350,10 @@ import java.util.StringTokenizer;
 * </tr>
 * </table>
 *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
 * @see java.security.BasicPermission
 * @see java.security.Permission
 * @see java.security.Permissions
--- a/jdk/src/java.base/share/classes/java/security/SecurityPermission.java
+++ b/jdk/src/java.base/share/classes/java/security/SecurityPermission.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -31,19 +31,19 @@ import java.util.Hashtable;
 import java.util.StringTokenizer;

 /**
- * This class is for security permissions.
- * A SecurityPermission contains a name (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
- * <P>
- * The target name is the name of a security configuration parameter (see below).
- * Currently the SecurityPermission object is used to guard access
- * to the Policy, Security, Provider, Signer, and Identity
+ * This class is for security permissions. A {@code SecurityPermission}
+ * contains a name (also referred to as a "target name") but no actions list;
+ * you either have the named permission or you don't.
+ * <p>
+ * The target name is the name of a security configuration parameter
+ * (see below). Currently the {@code SecurityPermission} object is used to
+ * guard access to the {@link AccessControlContext}, {@link Policy},
+ * {@link Provider}, {@link Security}, {@link Signer}, and {@link Identity}
 * objects.
- * <P>
- * The following table lists all the possible SecurityPermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * <p>
+ * The following table lists the standard {@code SecurityPermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
 *
 * <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
 * <tr>
@ -299,6 +299,10 @@ import java.util.StringTokenizer;
 *
 * </table>
 *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
 * @see java.security.BasicPermission
 * @see java.security.Permission
 * @see java.security.Permissions
--- a/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
+++ b/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
@ -26,18 +26,17 @@
 package javax.security.auth;

 /**
- * This class is for authentication permissions.
- * An AuthPermission contains a name
- * (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
+ * This class is for authentication permissions. An {@code AuthPermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
 *
 * <p> The target name is the name of a security configuration parameter
- * (see below).  Currently the AuthPermission object is used to
- * guard access to the Policy, Subject, LoginContext,
- * and Configuration objects.
+ * (see below).  Currently the {@code AuthPermission} object is used to
+ * guard access to the {@link Policy}, {@link Subject},
+ * {@link javax.security.auth.login.LoginContext}, and
+ * {@link javax.security.auth.login.Configuration} objects.
 *
- * <p> The possible target names for an Authentication Permission are:
+ * <p> The standard target names for an Authentication Permission are:
 *
 * <pre>
 *      doAs -                  allow the caller to invoke the
@ -125,6 +124,9 @@ package javax.security.auth;
 *                              Subject-based access control policy.
 * </pre>
 *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
 */
 public final class AuthPermission extends
 java.security.BasicPermission {