Hi Would you like to review http://cr.openjdk.java.net/~fyuan/8067170/webrev.00/? Bug: https://bugs.openjdk.java.net/browse/JDK-8067170
In this change, I enabled security manager for JAXP unit tests with improving the implementation approach and fixing some defects. Now jaxp tests use TestNG annotation to enable security manager and apply policies combination, like the following example(this full example is at: http://cr.openjdk.java.net/~fyuan/8067170/webrev.00/test/javax/xml/jaxp/unittest/parsers/Bug8003147Test.java.html): @Listeners({ jaxp.library.FilePolicy.class, jaxp.library.InternalAPIPolicy.class }) public class Bug8003147Test { There are also 2 additional patterns for some special cases: 1. JAXPTestUtilities.runWithTmpPermission(Runnable, Permission.) is used for some cases which require their own special permissions, e.g. http://cr.openjdk.java.net/~fyuan/8067170/webrev.00/test/javax/xml/jaxp/unittest/transform/CR6551600Test.java.sdiff.html. 2. JAXPTestUtilities.tryRunWithPolicyManager(Runnable, Permission.) is used for cases where some test methods need to be run with security manager and some others need to be run without security manager because they have different behaviors when having sm or not. E.g. http://cr.openjdk.java.net/~fyuan/8067170/webrev.00/test/javax/xml/jaxp/unittest/parsers/FactoryFindTest.java.sdiff.html. Such cases must run in single thread, all other cases don't require it, are thread safe. Btw, I moved internaltest into unittest because it's unnecessary to separate them. Thanks, Frank