8077055: Allow other named SecurityPermissions, RuntimePermissions, and AuthPermissions to be used
authormullan
Tue, 11 Aug 2015 08:48:18 -0400
changeset 32107 67aa4920495c
parent 32106 f33c38153e63
child 32108 aa5490a167ee
child 32136 aa92c5a39f90
8077055: Allow other named SecurityPermissions, RuntimePermissions, and AuthPermissions to be used Reviewed-by: weijun
jdk/src/java.base/share/classes/java/lang/RuntimePermission.java
jdk/src/java.base/share/classes/java/security/SecurityPermission.java
jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java
--- a/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java	Tue Aug 11 10:53:50 2015 +0200
+++ b/jdk/src/java.base/share/classes/java/lang/RuntimePermission.java	Tue Aug 11 08:48:18 2015 -0400
@@ -31,22 +31,19 @@
 import java.util.StringTokenizer;
 
 /**
- * This class is for runtime permissions. A RuntimePermission
- * contains a name (also referred to as a "target name") but
- * no actions list; you either have the named permission
- * or you don't.
- *
- * <P>
+ * This class is for runtime permissions. A {@code RuntimePermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
+ * <p>
  * The target name is the name of the runtime permission (see below). The
  * naming convention follows the  hierarchical property naming convention.
- * Also, an asterisk
- * may appear at the end of the name, following a ".", or by itself, to
- * signify a wildcard match. For example: "loadLibrary.*" and "*" signify a
- * wildcard match, while "*loadLibrary" and "a*b" do not.
- * <P>
- * The following table lists all the possible RuntimePermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * Also, an asterisk may appear at the end of the name, following a ".",
+ * or by itself, to signify a wildcard match. For example: "loadLibrary.*"
+ * and "*" signify a wildcard match, while "*loadLibrary" and "a*b" do not.
+ * <p>
+ * The following table lists the standard {@code RuntimePermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
  *
  * <table border=1 cellpadding=5 summary="permission target name,
  *  what the target allows,and associated risks">
@@ -353,6 +350,10 @@
  * </tr>
  * </table>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
  * @see java.security.BasicPermission
  * @see java.security.Permission
  * @see java.security.Permissions
--- a/jdk/src/java.base/share/classes/java/security/SecurityPermission.java	Tue Aug 11 10:53:50 2015 +0200
+++ b/jdk/src/java.base/share/classes/java/security/SecurityPermission.java	Tue Aug 11 08:48:18 2015 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,19 +31,19 @@
 import java.util.StringTokenizer;
 
 /**
- * This class is for security permissions.
- * A SecurityPermission contains a name (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
- * <P>
- * The target name is the name of a security configuration parameter (see below).
- * Currently the SecurityPermission object is used to guard access
- * to the Policy, Security, Provider, Signer, and Identity
+ * This class is for security permissions. A {@code SecurityPermission}
+ * contains a name (also referred to as a "target name") but no actions list;
+ * you either have the named permission or you don't.
+ * <p>
+ * The target name is the name of a security configuration parameter
+ * (see below). Currently the {@code SecurityPermission} object is used to
+ * guard access to the {@link AccessControlContext}, {@link Policy},
+ * {@link Provider}, {@link Security}, {@link Signer}, and {@link Identity}
  * objects.
- * <P>
- * The following table lists all the possible SecurityPermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
+ * <p>
+ * The following table lists the standard {@code SecurityPermission}
+ * target names, and for each provides a description of what the permission
+ * allows and a discussion of the risks of granting code the permission.
  *
  * <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
  * <tr>
@@ -299,6 +299,10 @@
  *
  * </table>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
+ *
  * @see java.security.BasicPermission
  * @see java.security.Permission
  * @see java.security.Permissions
--- a/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java	Tue Aug 11 10:53:50 2015 +0200
+++ b/jdk/src/java.base/share/classes/javax/security/auth/AuthPermission.java	Tue Aug 11 08:48:18 2015 -0400
@@ -26,18 +26,17 @@
 package javax.security.auth;
 
 /**
- * This class is for authentication permissions.
- * An AuthPermission contains a name
- * (also referred to as a "target name")
- * but no actions list; you either have the named permission
- * or you don't.
+ * This class is for authentication permissions. An {@code AuthPermission}
+ * contains a name (also referred to as a "target name") but no actions
+ * list; you either have the named permission or you don't.
  *
  * <p> The target name is the name of a security configuration parameter
- * (see below).  Currently the AuthPermission object is used to
- * guard access to the Policy, Subject, LoginContext,
- * and Configuration objects.
+ * (see below).  Currently the {@code AuthPermission} object is used to
+ * guard access to the {@link Policy}, {@link Subject},
+ * {@link javax.security.auth.login.LoginContext}, and
+ * {@link javax.security.auth.login.Configuration} objects.
  *
- * <p> The possible target names for an Authentication Permission are:
+ * <p> The standard target names for an Authentication Permission are:
  *
  * <pre>
  *      doAs -                  allow the caller to invoke the
@@ -125,6 +124,9 @@
  *                              Subject-based access control policy.
  * </pre>
  *
+ * @implNote
+ * Implementations may define additional target names, but should use naming
+ * conventions such as reverse domain name notation to avoid name clashes.
  */
 public final class AuthPermission extends
 java.security.BasicPermission {