stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8282676: Improve subject handling

Browse Source 
Reviewed-by: ahgross, mullan, rhalade
This commit is contained in:
Weijun Wang 2022-04-20 14:01:39 +00:00 committed by Henry Jen
parent 83339500ba
commit d0a2f13dea
3 changed files with 26 additions and 67 deletions
src/java.base/share/classes/javax/security/auth
Subject.java
test/jdk/javax/security/auth/Subject
CurrentSubject.javaExceptions.java

64
src/java.base/share/classes/javax/security/auth/Subject.java

@ -320,18 +320,6 @@ public final class Subject implements java.io.Serializable {
});
}
// Store the current subject in a ThreadLocal when a system property is set.
private static final boolean USE_TL = GetBooleanAction
.privilegedGetProperty("jdk.security.auth.subject.useTL");
private static final InheritableThreadLocal<Subject> SUBJECT_THREAD_LOCAL =
USE_TL ?
new InheritableThreadLocal<>() {
@Override protected Subject initialValue() {
return null;
}
} : null;
/**
* Returns the current subject.
* <p>
@ -347,14 +335,11 @@ public final class Subject implements java.io.Serializable {
* its parent thread's current subject is changed to another value.
*
* @implNote
* By default, this method returns the same value as
* This method returns the same value as
* {@code Subject.getSubject(AccessController.getContext())}. This
* preserves compatibility with code that may still be calling {@code doAs}
* which installs the subject in an {@code AccessControlContext}. However,
* if the system property {@systemProperty jdk.security.auth.subject.useTL}
* is set to {@code true}, the subject is retrieved from an inheritable
* {@code ThreadLocal} object. This behavior is subject to
* change in a future version.
* which installs the subject in an {@code AccessControlContext}. This
* behavior is subject to change in a future version.
*
* @return the current subject, or {@code null} if a current subject is
* not installed or the current subject is set to {@code null}.
@ -363,9 +348,7 @@ public final class Subject implements java.io.Serializable {
*/
@SuppressWarnings("removal")
public static Subject current() {
return USE_TL
? SUBJECT_THREAD_LOCAL.get()
: getSubject(AccessController.getContext());
return getSubject(AccessController.getContext());
}
/**
@ -373,18 +356,15 @@ public final class Subject implements java.io.Serializable {
* current subject.
*
* @implNote
* By default, this method calls {@link #doAs(Subject, PrivilegedExceptionAction)
* This method calls {@link #doAs(Subject, PrivilegedExceptionAction)
* Subject.doAs(subject, altAction)} which stores the subject in
* a new {@code AccessControlContext}, where {@code altAction.run()}
* is equivalent to {@code action.call()} and the exception thrown is
* modified to match the specification of this method. This preserves
* compatibility with code that may still be calling
* {@code getSubject(AccessControlContext)} which retrieves the subject
* from an {@code AccessControlContext}. However,
* if the system property {@code jdk.security.auth.subject.useTL}
* is set to {@code true}, the current subject will be stored in an inheritable
* {@code ThreadLocal} object. This behavior is subject to change in a
* future version.
* from an {@code AccessControlContext}. This behavior is subject
* to change in a future version.
*
* @param subject the {@code Subject} that the specified {@code action}
* will run as. This parameter may be {@code null}.
@ -403,27 +383,15 @@ public final class Subject implements java.io.Serializable {
public static <T> T callAs(final Subject subject,
final Callable<T> action) throws CompletionException {
Objects.requireNonNull(action);
if (USE_TL) {
Subject oldSubject = SUBJECT_THREAD_LOCAL.get();
SUBJECT_THREAD_LOCAL.set(subject);
try {
return action.call();
} catch (Exception e) {
throw new CompletionException(e);
} finally {
SUBJECT_THREAD_LOCAL.set(oldSubject);
}
} else {
try {
PrivilegedExceptionAction<T> pa = () -> action.call();
@SuppressWarnings("removal")
var result = doAs(subject, pa);
return result;
} catch (PrivilegedActionException e) {
throw new CompletionException(e.getCause());
} catch (Exception e) {
throw new CompletionException(e);
}
try {
PrivilegedExceptionAction<T> pa = () -> action.call();
@SuppressWarnings("removal")
var result = doAs(subject, pa);
return result;
} catch (PrivilegedActionException e) {
throw new CompletionException(e.getCause());
} catch (Exception e) {
throw new CompletionException(e);
}
}

24
test/jdk/javax/security/auth/Subject/CurrentSubject.java

@ -1,5 +1,5 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2021, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -34,18 +34,10 @@ import java.util.concurrent.atomic.AtomicInteger;
* @test
* @bug 8267108
* @summary confirm current subject specification
* @run main/othervm
* -Djdk.security.auth.subject.useTL=false -Dtest=both CurrentSubject
* @run main/othervm
* -Djdk.security.auth.subject.useTL=true -Dtest=old CurrentSubject
* @run main/othervm
* -Djdk.security.auth.subject.useTL=true -Dtest=new CurrentSubject
* @run main/othervm CurrentSubject
*/
public class CurrentSubject {
static final boolean TEST_NEW = !System.getProperty("test").equals("old");
static final boolean TEST_OLD = !System.getProperty("test").equals("new");
static transient boolean failed = false;
static CountDownLatch cl = new CountDownLatch(1);
static AtomicInteger count = new AtomicInteger();
@ -68,12 +60,12 @@ public class CurrentSubject {
synchronized static void check(String label, Subject expected) {
Subject cas = Subject.current();
Subject accs = Subject.getSubject(AccessController.getContext());
if (TEST_NEW && TEST_OLD && cas != accs) {
if (cas != accs) {
failed = true;
System.out.println(label + ": current " + s2s(cas)
+ " but getSubject is " + s2s(accs));
}
Subject interested = TEST_NEW ? cas : accs;
Subject interested = cas;
if (interested != expected) {
failed = true;
System.out.println(label + ": expected " + s2s(expected)
@ -97,11 +89,11 @@ public class CurrentSubject {
Subject another = new Subject();
another.getPrincipals().add(new RawPrincipal(name + "d"));
// run with a new subject, inside current subject will be the new subject
if (TEST_NEW) Subject.callAs(another, () -> test(name + 'c', another));
if (TEST_OLD) Subject.doAs(another, (PrivilegedAction<Void>) () -> test(name + 'd', another));
Subject.callAs(another, () -> test(name + 'c', another));
Subject.doAs(another, (PrivilegedAction<Void>) () -> test(name + 'd', another));
// run with null, inside current subject will be null
if (TEST_NEW) Subject.callAs(null, () -> test(name + 'C', null));
if (TEST_OLD) Subject.doAs(null, (PrivilegedAction<Void>) () -> test(name + 'D', null));
Subject.callAs(null, () -> test(name + 'C', null));
Subject.doAs(null, (PrivilegedAction<Void>) () -> test(name + 'D', null));
// new thread, inside current subject is unchanged
count.incrementAndGet();
new Thread(() -> {

5
test/jdk/javax/security/auth/Subject/Exceptions.java

@ -1,5 +1,5 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2021, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,8 +26,7 @@
* @bug 8267108
* @library /test/lib
* @summary Check that callAs and doAs throw the specified exceptions
* @run main/othervm -Djava.security.manager=allow -Djdk.security.auth.subject.useTL=true Exceptions
* @run main/othervm -Djava.security.manager=allow -Djdk.security.auth.subject.useTL=false Exceptions
* @run main/othervm -Djava.security.manager=allow Exceptions
*/
import jdk.test.lib.Asserts;