On Thu, 14 Nov 2024 20:59:16 GMT, Kevin Rushforth <k...@openjdk.org> wrote:
> This PR removes all remaining uses of `AccessController` and
> `AccessControlContext`, which represent the last remaining uses of the
> terminally deprecated security APIs except for those in the `/ios/` or
> `/android/` directories.
>
> With the removal of doPrivileged and the `if (System.getSecurityManager() !=
> null)` code paths, the ACC is no longer used, so can be completely
> eliminated. Along with this, I removed all unused imports of security-related
> APIs and all related `@SuppressWarnings("removal") annotations.
>
> ### Notes to reviewers
>
> * Most of the changes were straight-forward removals of methods and fields to
> save, retrieve and pass around the `AccessControlContext`.
> * The Toolkit class stores a collection of listeners in a `WeakHashMap` with
> the listener as the key (thus weakly held) and the ACC as the value. We no
> longer need or want the ACC, but I kept the use of `WeakHashMap` and changed
> the value type to `Object`, storing a singleton dummy object as the value for
> each entry. This minimizes the changes, while preserving the behavior of
> reclaiming the entries when they are garbage collected.
Reviewers: @arapte @andy-goryachev-oracle
-------------
PR Comment: https://git.openjdk.org/jfx/pull/1638#issuecomment-2477540942
