On Thu, 17 Oct 2024 11:24:56 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> In general, I tried to remove any text from the Permission classes that >> described behavior if the permissions were granted. So in the above I >> removed the text because it had words like "protect" and "accessed" and >> referred to `com.sun.security.jgss.ExtendedGSSContext#inquireSecContext` >> which no longer does a permission check. I also added the API Note to make >> it clear the permission could no longer be used to control access. >> >> If there are other Permission classes you think should have their text >> modified or removed, let me know. > > All JGSS permission classes follow the same style: > > In `javax.security.auth.kerberos.DelegationPermission`: > > * This class is used to restrict the usage of the Kerberos > * delegation model, ie: forwardable and proxiable tickets. > ``` > In `javax.security.auth.kerberos.DelegationPermission`: > > * This class is used to restrict the usage of the Kerberos > * delegation model, ie: forwardable and proxiable tickets. I assume for the second one above you mean `javax.security.auth.kerberos.ServicePermission`. These classes still have a lot of words like "grant" and "trust". I will make some changes to the class descriptions of those classes, please review them in the next update. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1805188374
