8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode

Summary: Move default javax.security.auth.Policy implementation to compact1 profile Reviewed-by: vinnie

8016850: JCK javax.security.auth.Policy tests fail when run in Profiles mode
Summary: Move default javax.security.auth.Policy implementation to compact1 profile Reviewed-by: vinnie
f51d266b · mullan · b92f668c · f51d266b · b92f668c · f51d266b
5 changed file
--- a/src/share/classes/com/sun/security/auth/PolicyFile.java
+++ b/src/share/classes/com/sun/security/auth/PolicyFile.java
--- a/src/share/classes/com/sun/security/auth/PolicyParser.java
+++ b/src/share/classes/com/sun/security/auth/PolicyParser.java
--- a/src/share/classes/javax/security/auth/Policy.java
+++ b/src/share/classes/javax/security/auth/Policy.java
@@ -156,9 +156,10 @@ public abstract class Policy {
    private static Policy policy;
    private static ClassLoader contextClassLoader;
+    private final static String AUTH_POLICY =
+        "sun.security.provider.AuthPolicyFile";
-    // true if a custom (not com.sun.security.auth.PolicyFile) system-wide
+    // true if a custom (not AUTH_POLICY) system-wide policy object is set
-    // policy object is set
    private static boolean isCustomPolicy;
    static {
@@ -220,7 +221,7 @@ public abstract class Policy {
                        }
                    });
                    if (policy_class == null) {
-                        policy_class = "com.sun.security.auth.PolicyFile";
+                        policy_class = AUTH_POLICY;
                    }
                    try {
@@ -236,8 +237,7 @@ public abstract class Policy {
                                        contextClassLoader).newInstance();
                            }
                        });
-                        isCustomPolicy =
+                        isCustomPolicy = !finalClass.equals(AUTH_POLICY);
-                            !finalClass.equals("com.sun.security.auth.PolicyFile");
                    } catch (Exception e) {
                        throw new SecurityException
                                (sun.security.util.ResourcesMgr.getString
@@ -274,14 +274,14 @@ public abstract class Policy {
    }
    /**
-     * Returns true if a custom (not com.sun.security.auth.PolicyFile)
+     * Returns true if a custom (not AUTH_POLICY) system-wide policy object
-     * system-wide policy object has been set or installed. This method is
+     * has been set or installed. This method is called by
-     * called by SubjectDomainCombiner to provide backwards compatibility for
+     * SubjectDomainCombiner to provide backwards compatibility for
     * developers that provide their own javax.security.auth.Policy
     * implementations.
     *
-     * @return true if a custom (not com.sun.security.auth.PolicyFile)
+     * @return true if a custom (not AUTH_POLICY) system-wide policy object
-     * system-wide policy object has been set; false otherwise
+     * has been set; false otherwise
     */
    static boolean isCustomPolicySet(Debug debug) {
        if (policy != null) {
@@ -299,8 +299,7 @@ public abstract class Policy {
                    return Security.getProperty("auth.policy.provider");
                }
        });
-        if (policyClass != null
+        if (policyClass != null && !policyClass.equals(AUTH_POLICY)) {
-            && !policyClass.equals("com.sun.security.auth.PolicyFile")) {
            if (debug != null) {
                debug.println("Providing backwards compatibility for " +
                              "javax.security.auth.policy implementation: " +

--- a/src/share/classes/sun/security/provider/AuthPolicyFile.java
+++ b/src/share/classes/sun/security/provider/AuthPolicyFile.java
--- a/src/share/classes/com/sun/security/auth/SubjectCodeSource.java
+++ b/src/share/classes/com/sun/security/auth/SubjectCodeSource.java
@@ -23,7 +23,7 @@
 * questions.
 */
-package com.sun.security.auth;
+package sun.security.provider;
 import java.net.URL;
 import java.util.*;
@@ -39,8 +39,7 @@ import sun.security.provider.PolicyParser.PrincipalEntry;
 * <p> This <code>SubjectCodeSource</code> class contains
 * a <code>URL</code>, signer certificates, and either a <code>Subject</code>
 * (that represents the <code>Subject</code> in the current
- * <code>AccessControlContext</code>),
+ * <code>AccessControlContext</code>), or a linked list of Principals
- * or a linked list of Principals/PrincipalComparators
 * (that represent a "subject" in a <code>Policy</code>).
 *
 */
@@ -148,10 +147,10 @@ class SubjectCodeSource extends CodeSource implements java.io.Serializable {
     * <li> for each principal in this codesource's principal list:
     * <ol>
     * <li>     if the principal is an instanceof
-     *          <code>PrincipalComparator</code>, then the principal must
+     *          <code>Principal</code>, then the principal must
     *          imply the provided codesource's <code>Subject</code>.
     * <li>     if the principal is not an instanceof
-     *          <code>PrincipalComparator</code>, then the provided
+     *          <code>Principal</code>, then the provided
     *          codesource's <code>Subject</code> must have an
     *          associated <code>Principal</code>, <i>P</i>, where
     *          P.getClass().getName equals principal.principalClass,
@@ -203,16 +202,20 @@ class SubjectCodeSource extends CodeSource implements java.io.Serializable {
            PrincipalEntry pppe = li.next();
            try {
-                // handle PrincipalComparators
+                // use new Principal.implies method
-                Class<?> principalComparator = Class.forName(
+                Class<?> pClass = Class.forName(pppe.principalClass,
-                        pppe.getPrincipalClass(), true, sysClassLoader);
+                                                true, sysClassLoader);
-                Constructor<?> c = principalComparator.getConstructor(PARAMS);
+                if (!Principal.class.isAssignableFrom(pClass)) {
-                PrincipalComparator pc =
+                    // not the right subtype
-                        (PrincipalComparator)c.newInstance
+                    throw new ClassCastException(pppe.principalClass +
-                        (new Object[] { pppe.getPrincipalName() });
+                                                 " is not a Principal");
+                }
+                Constructor<?> c = pClass.getConstructor(PARAMS);
+                Principal p = (Principal)c.newInstance(new Object[] {
+                                                       pppe.principalName });
-                if (!pc.implies(that.getSubject())) {
+                if (!p.implies(that.getSubject())) {
                    if (debug != null)
                        debug.println("\tSubjectCodeSource.implies: FAILURE 3");
                    return false;
@@ -223,7 +226,7 @@ class SubjectCodeSource extends CodeSource implements java.io.Serializable {
                }
            } catch (Exception e) {
-                // no PrincipalComparator, simply compare Principals
+                // simply compare Principals
                if (subjectList == null) {