jdk1.2 API Javadoc - AccessController

Ben Gill (Ben.Gill@uk.uu.net)
Tue, 15 Dec 1998 09:15:02 -0000

Hello,

After reading up on the new Security Model I have a small comment to
make to the API doc team on a certain class. (I presume this is the
developers)

The new AccessController classes javadoc description is rather
confusing:

There are three examples of over_riding the doPriviliged method using
Inner Classes

1) System.loadLibrary("awt"); is called inside the method
2) return System.getProperty("user.name"); is called and...
3) return new FileInputStream("someFile"); is called!

No 3) uses PrivilegedExceptionAction() instead of new
PrivilegedAction(), the reason being:

If the action performed in your run method could throw a "checked"
exception (those listed in the throws clause of a method), then you need
to use the PrivilegedExceptionAction interface instead of the
PrivilegedAction interface:

This is fine, but System.getProperty and System.loadLibrary both throw
exceptions that are listed in their throws clause. so either:

a) 1) and 2) are bad examples as they should really use the
PrivilegedExceptionAction interface to catch the exceptions that may be
thrown.

b) There is a bad explanation of what a "checked" exception is.

Also, (at a guess), I would think everything you wanted to do inside a
priviliged method could throw an exception so you would always want to
use the PrivilegedExceptionAction interface?

Can someone clear this point up as I am sure others will pick up on it!

Thanks

Ben Gill