8344652: Remove access control context text from SSLEngine and SSLSession APIs

seanjmullan · seanjmullan · commit 9769ee869785 · 2024-11-22T13:18:26.000Z
Reviewed-by: jnimeh
diff --git a/src/java.base/share/classes/javax/net/ssl/SSLEngine.java b/src/java.base/share/classes/javax/net/ssl/SSLEngine.java
@@ -377,14 +377,6 @@
  *     }
  * </pre></blockquote>
  *
- * <P>
- * Applications might choose to process delegated tasks in different
- * threads.  When an {@code SSLEngine}
- * is created, the current {@link java.security.AccessControlContext}
- * is saved.  All future delegated tasks will be processed using this
- * context:  that is, all access control decisions will be made using the
- * context captured at engine creation.
- *
  * <HR>
  *
  * <B>Concurrency Notes</B>:
@@ -818,9 +810,6 @@ public abstract SSLEngineResult unwrap(ByteBuffer src,
      * {@code run} method returns, the {@code Runnable} object
      * is no longer needed and may be discarded.
      * <P>
-     * Delegated tasks run in the {@code AccessControlContext}
-     * in place when this object was created.
-     * <P>
      * A call to this method will return each outstanding task
      * exactly once.
      * <P>
diff --git a/src/java.base/share/classes/javax/net/ssl/SSLSession.java b/src/java.base/share/classes/javax/net/ssl/SSLSession.java
@@ -148,9 +148,6 @@ public interface SSLSession {
      * replaced.  If the new (or existing) {@code value} implements the
      * {@code SSLSessionBindingListener} interface, the object
      * represented by {@code value} is notified appropriately.
-     * <p>
-     * For security reasons, the same named values may not be
-     * visible across different access control contexts.
      *
      * @param name the name to which the data object will be bound.
      *          This may not be null.
@@ -163,9 +160,6 @@ public interface SSLSession {
     /**
      * Returns the object bound to the given name in the session's
      * application layer data.  Returns null if there is no such binding.
-     * <p>
-     * For security reasons, the same named values may not be
-     * visible across different access control contexts.
      *
      * @param name the name of the binding to find.
      * @return the value bound to that name, or null if the binding does
@@ -181,12 +175,8 @@ public interface SSLSession {
      * bound to the given name.  If the bound existing object
      * implements the {@code SSLSessionBindingListener} interface,
      * it is notified appropriately.
-     * <p>
-     * For security reasons, the same named values may not be
-     * visible across different access control contexts.
      *
-     * @param name the name of the object to remove visible
-     *          across different access control contexts
+     * @param name the name of the object to remove
      * @throws IllegalArgumentException if the argument is null.
      */
     void removeValue(String name);
@@ -195,9 +185,6 @@ public interface SSLSession {
     /**
      * Returns an array of the names of all the application layer
      * data objects bound into the Session.
-     * <p>
-     * For security reasons, the same named values may not be
-     * visible across different access control contexts.
      *
      * @return a non-null (possibly empty) array of names of the objects
      *  bound to this Session.
