File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Subject.doAs() with complex code.. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Subject.doAs() with complex code.." Watch "Subject.doAs() with complex code.." New topic

Subject.doAs() with complex code..

Michael Chaffin

Joined: Aug 31, 2006
Posts: 8
In the javadocs it states that AccessController.doPrivileged() is called

Further in the javadocs for AccessController.doPrivileged it states...

"Be *very* careful in your use of the "privileged" construct, and always remember to make the privileged code section as small as possible."

What then are the implications for having code within the privileged construct which is not even remotely on the small side?

Specifically a large switch statement modifying several Maps.

It does feel somewhat odd passing an anonymous inner class containing a switch statement as a parameter for a method call which eats all checked exceptions. Then again I'm not familiar with Jaas.
I agree. Here's the link:
subject: Subject.doAs() with complex code..
It's not a secret anymore!