Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8232155

DelegationPermission constructors have imprecise spec

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 14
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Compatibility Risk Description:
      Hide
      Before this fix, an IAE is thrown when the argument is empty or improperly quoted. In the case when it does not contain a pair of principals, the constructor will succeed but any method called on the newly created object would throw a NPE. We decide to throw IAE in the constructor to avoid such an object being created.
      Show
      Before this fix, an IAE is thrown when the argument is empty or improperly quoted. In the case when it does not contain a pair of principals, the constructor will succeed but any method called on the newly created object would throw a NPE. We decide to throw IAE in the constructor to avoid such an object being created.
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Update the spec of 2 DelegationPermission constructors to precisely describe when an IllegalArgumentException would be thrown.

      Problem

      The current spec shows @throws IllegalArgumentException if {@code principals} is empty but the exception is also thrown when the argument is not correctly quoted. Also, when the argument does not contain a pair of principals, the constructor will succeed but the service principal inside is null and any method called on the newly created object would throw a NPE. This should also be dealt with in the constructors.

      Solution

      See spec below.

      Specification

      --- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
      +++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
      @@ -78,7 +78,8 @@
            * @param principals the name of the subordinate and target principals
            *
            * @throws NullPointerException if {@code principals} is {@code null}.
      -     * @throws IllegalArgumentException if {@code principals} is empty.
      +     * @throws IllegalArgumentException if {@code principals} is empty,
      +     *      or does not contain a pair of principals, or is improperly quoted
            */
           public DelegationPermission(String principals) {
               super(principals);
      @@ -94,7 +95,8 @@
            * @param actions should be null.
            *
            * @throws NullPointerException if {@code principals} is {@code null}.
      -     * @throws IllegalArgumentException if {@code principals} is empty.
      +     * @throws IllegalArgumentException if {@code principals} is empty,
      +     *      or does not contain a pair of principals, or is improperly quoted
            */
           public DelegationPermission(String principals, String actions) {
               super(principals, actions);

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                dbessono Dmitry Bessonov
                Reviewed By:
                Sean Mullan
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: