On Thu, 13 Jun 2024 20:54:25 GMT, Kevin Walls <[email protected]> wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of
>> AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting
>> -Djava.security.manager=allow to use JMX authentication.
>
> Kevin Walls has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Separate SM allowed and not allowed cases
I don't quite understand why there is no more `noPermissionsACC` in
`Monotor.java`. This looks like the only behavior change when SM is allowed.
The other source change looks fine to me.
src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
line 1461:
> 1459: throw rte;
> 1460: } else {
> 1461: throw new PrivilegedActionException(e);
The 4 lines above seems unnecessary now. Plus, do not wrap
`PrivilegedActionException` inside `PrivilegedActionException`.
src/java.management/share/classes/com/sun/jmx/remote/internal/ServerNotifForwarder.java
line 353:
> 351: } else {
> 352: return Subject.getSubject(AccessController.getContext());
> 353: }
`Subject.current()` should work for both cases. See the impl of it.
-------------
PR Review: https://git.openjdk.org/jdk/pull/19624#pullrequestreview-2118220033
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1639720192
PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1639721194
