From 784379f7a44106e1e0a0c6e9c87bed5eec406623 Mon Sep 17 00:00:00 2001
From: Sean Mullan <mullan@openjdk.org>
Date: Tue, 11 Aug 2015 08:48:18 -0400
Subject: [PATCH] 8077055: Allow other named SecurityPermissions,
 RuntimePermissions, and AuthPermissions to be used

Reviewed-by: weijun
---
 .../classes/java/lang/RuntimePermission.java  | 29 +++++++++---------
 .../java/security/SecurityPermission.java     | 30 +++++++++++--------
 .../javax/security/auth/AuthPermission.java   | 20 +++++++------
 3 files changed, 43 insertions(+), 36 deletions(-)

diff --git a/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java b/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
index 0df77f5e520..36b48b75d39 100644
--- a/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
+++ b/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
@@ -31,22 +31,19 @@ import java.util.Hashtable;
 import java.util.StringTokenizer;
 
 /**
- * This class is for runtime permissions. A RuntimePermission
- * contains a name (also referred to as a "target name") but
- * no actions list; you either have the named permission
- * or you don't.
- *
- * <P>
+ * This class is for runtime permissions. A {@code RuntimePermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
+ * <p>
  * The target name is the name of the runtime permission (see below). The
  * naming convention follows the  hierarchical property naming convention.
- * Also, an asterisk
- * may appear at the end of the name, following a ".", or by itself, to
- * signify a wildcard match. For example: "loadLibrary.*" and "*" signify a
- * wildcard match, while "*loadLibrary" and "a*b" do not.
- * <P>
- * The following table lists all the possible RuntimePermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * Also, an asterisk may appear at the end of the name, following a ".",
+ * or by itself, to signify a wildcard match. For example: "loadLibrary.*"
+ * and "*" signify a wildcard match, while "*loadLibrary" and "a*b" do not.
+ * <p>
+ * The following table lists the standard {@code RuntimePermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
  *
  * <table border=1 cellpadding=5 summary="permission target name,
  *  what the target allows,and associated risks">
@@ -353,6 +350,10 @@ import java.util.StringTokenizer;
  * </tr>
  * </table>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
  * @see java.security.BasicPermission
  * @see java.security.Permission
  * @see java.security.Permissions
diff --git a/jdk/src/java.base/share/classes/java/security/SecurityPermission.java b/jdk/src/java.base/share/classes/java/security/SecurityPermission.java
index 5bb74569d3f..60d1d785860 100644
--- a/jdk/src/java.base/share/classes/java/security/SecurityPermission.java
+++ b/jdk/src/java.base/share/classes/java/security/SecurityPermission.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,19 +31,19 @@ import java.util.Hashtable;
 import java.util.StringTokenizer;
 
 /**
- * This class is for security permissions.
- * A SecurityPermission contains a name (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
- * <P>
- * The target name is the name of a security configuration parameter (see below).
- * Currently the SecurityPermission object is used to guard access
- * to the Policy, Security, Provider, Signer, and Identity
+ * This class is for security permissions. A {@code SecurityPermission}
+ * contains a name (also referred to as a "target name") but no actions list;
+ * you either have the named permission or you don't.
+ * <p>
+ * The target name is the name of a security configuration parameter
+ * (see below). Currently the {@code SecurityPermission} object is used to
+ * guard access to the {@link AccessControlContext}, {@link Policy},
+ * {@link Provider}, {@link Security}, {@link Signer}, and {@link Identity}
  * objects.
- * <P>
- * The following table lists all the possible SecurityPermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * <p>
+ * The following table lists the standard {@code SecurityPermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
  *
  * <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
  * <tr>
@@ -299,6 +299,10 @@ import java.util.StringTokenizer;
  *
  * </table>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
  * @see java.security.BasicPermission
  * @see java.security.Permission
  * @see java.security.Permissions
diff --git a/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java b/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
index 49f51481d17..889d14af979 100644
--- a/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
+++ b/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
@@ -26,18 +26,17 @@
 package javax.security.auth;
 
 /**
- * This class is for authentication permissions.
- * An AuthPermission contains a name
- * (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
+ * This class is for authentication permissions. An {@code AuthPermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
  *
  * <p> The target name is the name of a security configuration parameter
- * (see below).  Currently the AuthPermission object is used to
- * guard access to the Policy, Subject, LoginContext,
- * and Configuration objects.
+ * (see below).  Currently the {@code AuthPermission} object is used to
+ * guard access to the {@link Policy}, {@link Subject},
+ * {@link javax.security.auth.login.LoginContext}, and
+ * {@link javax.security.auth.login.Configuration} objects.
  *
- * <p> The possible target names for an Authentication Permission are:
+ * <p> The standard target names for an Authentication Permission are:
  *
  * <pre>
  *      doAs -                  allow the caller to invoke the
@@ -125,6 +124,9 @@ package javax.security.auth;
  *                              Subject-based access control policy.
  * </pre>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
  */
 public final class AuthPermission extends
 java.security.BasicPermission {