This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Security and the fly likes Subject.doAs() with complex code.. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Subject.doAs() with complex code.." Watch "Subject.doAs() with complex code.." New topic

Subject.doAs() with complex code..

Michael Chaffin

Joined: Aug 31, 2006
Posts: 8
In the javadocs it states that AccessController.doPrivileged() is called

Further in the javadocs for AccessController.doPrivileged it states...

"Be *very* careful in your use of the "privileged" construct, and always remember to make the privileged code section as small as possible."

What then are the implications for having code within the privileged construct which is not even remotely on the small side?

Specifically a large switch statement modifying several Maps.

It does feel somewhat odd passing an anonymous inner class containing a switch statement as a parameter for a method call which eats all checked exceptions. Then again I'm not familiar with Jaas.
I agree. Here's the link:
subject: Subject.doAs() with complex code..
Similar Threads
Dan's Exam on Flow control
Clarification from Khalid Mughal's mock exam
Error while Running Code
Box or Unbox