changeset 8547:c6e4f146176d

8020557: javadoc cleanup in javax.security Reviewed-by: darcy
author juh
date Mon, 23 Jan 2017 20:14:27 +0000
parents b36c3751a724
children 68caa86e0fe0
files src/share/classes/javax/security/auth/AuthPermission.java src/share/classes/javax/security/auth/DestroyFailedException.java src/share/classes/javax/security/auth/Destroyable.java src/share/classes/javax/security/auth/Policy.java src/share/classes/javax/security/auth/PrivateCredentialPermission.java src/share/classes/javax/security/auth/RefreshFailedException.java src/share/classes/javax/security/auth/Refreshable.java src/share/classes/javax/security/auth/Subject.java src/share/classes/javax/security/auth/SubjectDomainCombiner.java src/share/classes/javax/security/auth/callback/Callback.java src/share/classes/javax/security/auth/callback/CallbackHandler.java src/share/classes/javax/security/auth/callback/ChoiceCallback.java src/share/classes/javax/security/auth/callback/ConfirmationCallback.java src/share/classes/javax/security/auth/callback/LanguageCallback.java src/share/classes/javax/security/auth/callback/NameCallback.java src/share/classes/javax/security/auth/callback/PasswordCallback.java src/share/classes/javax/security/auth/callback/TextInputCallback.java src/share/classes/javax/security/auth/callback/TextOutputCallback.java src/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java src/share/classes/javax/security/auth/callback/package-info.java src/share/classes/javax/security/auth/callback/package.html src/share/classes/javax/security/auth/kerberos/DelegationPermission.java src/share/classes/javax/security/auth/kerberos/KerberosKey.java src/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java src/share/classes/javax/security/auth/kerberos/KerberosTicket.java src/share/classes/javax/security/auth/kerberos/KeyImpl.java src/share/classes/javax/security/auth/kerberos/KeyTab.java src/share/classes/javax/security/auth/kerberos/ServicePermission.java src/share/classes/javax/security/auth/kerberos/package-info.java src/share/classes/javax/security/auth/kerberos/package.html src/share/classes/javax/security/auth/login/AccountExpiredException.java src/share/classes/javax/security/auth/login/AppConfigurationEntry.java src/share/classes/javax/security/auth/login/Configuration.java src/share/classes/javax/security/auth/login/ConfigurationSpi.java src/share/classes/javax/security/auth/login/CredentialExpiredException.java src/share/classes/javax/security/auth/login/FailedLoginException.java src/share/classes/javax/security/auth/login/LoginContext.java src/share/classes/javax/security/auth/login/package-info.java src/share/classes/javax/security/auth/login/package.html src/share/classes/javax/security/auth/package-info.java src/share/classes/javax/security/auth/package.html src/share/classes/javax/security/auth/spi/LoginModule.java src/share/classes/javax/security/auth/spi/package-info.java src/share/classes/javax/security/auth/spi/package.html src/share/classes/javax/security/auth/x500/X500Principal.java src/share/classes/javax/security/auth/x500/X500PrivateCredential.java src/share/classes/javax/security/auth/x500/package-info.java src/share/classes/javax/security/auth/x500/package.html src/share/classes/javax/security/cert/Certificate.java src/share/classes/javax/security/cert/CertificateEncodingException.java src/share/classes/javax/security/cert/CertificateException.java src/share/classes/javax/security/cert/CertificateExpiredException.java src/share/classes/javax/security/cert/CertificateNotYetValidException.java src/share/classes/javax/security/cert/CertificateParsingException.java src/share/classes/javax/security/cert/X509Certificate.java src/share/classes/javax/security/cert/package-info.java src/share/classes/javax/security/cert/package.html src/share/classes/javax/security/sasl/AuthenticationException.java src/share/classes/javax/security/sasl/AuthorizeCallback.java src/share/classes/javax/security/sasl/RealmCallback.java src/share/classes/javax/security/sasl/RealmChoiceCallback.java src/share/classes/javax/security/sasl/Sasl.java src/share/classes/javax/security/sasl/SaslClient.java src/share/classes/javax/security/sasl/SaslClientFactory.java src/share/classes/javax/security/sasl/SaslException.java src/share/classes/javax/security/sasl/SaslServer.java src/share/classes/javax/security/sasl/SaslServerFactory.java src/share/classes/javax/security/sasl/package-info.java src/share/classes/javax/security/sasl/package.html
diffstat 69 files changed, 1594 insertions(+), 1736 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/javax/security/auth/AuthPermission.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/AuthPermission.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,10 +41,10 @@
  *
  * <pre>
  *      doAs -                  allow the caller to invoke the
- *                              <code>Subject.doAs</code> methods.
+ *                              {@code Subject.doAs} methods.
  *
  *      doAsPrivileged -        allow the caller to invoke the
- *                              <code>Subject.doAsPrivileged</code> methods.
+ *                              {@code Subject.doAsPrivileged} methods.
  *
  *      getSubject -            allow for the retrieval of the
  *                              Subject(s) associated with the
@@ -52,39 +52,39 @@
  *
  *      getSubjectFromDomainCombiner -  allow for the retrieval of the
  *                              Subject associated with the
- *                              a <code>SubjectDomainCombiner</code>.
+ *                              a {@code SubjectDomainCombiner}.
  *
  *      setReadOnly -           allow the caller to set a Subject
  *                              to be read-only.
  *
- *      modifyPrincipals -      allow the caller to modify the <code>Set</code>
+ *      modifyPrincipals -      allow the caller to modify the {@code Set}
  *                              of Principals associated with a
- *                              <code>Subject</code>
+ *                              {@code Subject}
  *
  *      modifyPublicCredentials - allow the caller to modify the
- *                              <code>Set</code> of public credentials
- *                              associated with a <code>Subject</code>
+ *                              {@code Set} of public credentials
+ *                              associated with a {@code Subject}
  *
  *      modifyPrivateCredentials - allow the caller to modify the
- *                              <code>Set</code> of private credentials
- *                              associated with a <code>Subject</code>
+ *                              {@code Set} of private credentials
+ *                              associated with a {@code Subject}
  *
- *      refreshCredential -     allow code to invoke the <code>refresh</code>
+ *      refreshCredential -     allow code to invoke the {@code refresh}
  *                              method on a credential which implements
- *                              the <code>Refreshable</code> interface.
+ *                              the {@code Refreshable} interface.
  *
- *      destroyCredential -     allow code to invoke the <code>destroy</code>
- *                              method on a credential <code>object</code>
- *                              which implements the <code>Destroyable</code>
+ *      destroyCredential -     allow code to invoke the {@code destroy}
+ *                              method on a credential {@code object}
+ *                              which implements the {@code Destroyable}
  *                              interface.
  *
  *      createLoginContext.{name} -  allow code to instantiate a
- *                              <code>LoginContext</code> with the
+ *                              {@code LoginContext} with the
  *                              specified <i>name</i>.  <i>name</i>
  *                              is used as the index into the installed login
- *                              <code>Configuration</code>
+ *                              {@code Configuration}
  *                              (that returned by
- *                              <code>Configuration.getConfiguration()</code>).
+ *                              {@code Configuration.getConfiguration()}).
  *                              <i>name</i> can be wildcarded (set to '*')
  *                              to allow for any name.
  *
@@ -93,7 +93,7 @@
  *
  *      createLoginConfiguration.{type} - allow code to obtain a Configuration
  *                              object via
- *                              <code>Configuration.getInstance</code>.
+ *                              {@code Configuration.getInstance}.
  *
  *      setLoginConfiguration - allow for the setting of the system-wide
  *                              login Configuration.
@@ -103,15 +103,15 @@
  * </pre>
  *
  * <p> The following target name has been deprecated in favor of
- * <code>createLoginContext.{name}</code>.
+ * {@code createLoginContext.{name}}.
  *
  * <pre>
  *      createLoginContext -    allow code to instantiate a
- *                              <code>LoginContext</code>.
+ *                              {@code LoginContext}.
  * </pre>
  *
- * <p> <code>javax.security.auth.Policy</code> has been
- * deprecated in favor of <code>java.security.Policy</code>.
+ * <p> {@code javax.security.auth.Policy} has been
+ * deprecated in favor of {@code java.security.Policy}.
  * Therefore, the following target names have also been deprecated:
  *
  * <pre>
@@ -139,8 +139,8 @@
      *
      * @param name the name of the AuthPermission
      *
-     * @throws NullPointerException if <code>name</code> is <code>null</code>.
-     * @throws IllegalArgumentException if <code>name</code> is empty.
+     * @throws NullPointerException if {@code name} is {@code null}.
+     * @throws IllegalArgumentException if {@code name} is empty.
      */
     public AuthPermission(String name) {
         // for backwards compatibility --
@@ -160,8 +160,8 @@
      *
      * @param actions should be null.
      *
-     * @throws NullPointerException if <code>name</code> is <code>null</code>.
-     * @throws IllegalArgumentException if <code>name</code> is empty.
+     * @throws NullPointerException if {@code name} is {@code null}.
+     * @throws IllegalArgumentException if {@code name} is empty.
      */
     public AuthPermission(String name, String actions) {
         // for backwards compatibility --
--- a/src/share/classes/javax/security/auth/DestroyFailedException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/DestroyFailedException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,10 +26,10 @@
 package javax.security.auth;
 
 /**
- * Signals that a <code>destroy</code> operation failed.
+ * Signals that a {@code destroy} operation failed.
  *
  * <p> This exception is thrown by credentials implementing
- * the <code>Destroyable</code> interface when the <code>destroy</code>
+ * the {@code Destroyable} interface when the {@code destroy}
  * method fails.
  *
  */
--- a/src/share/classes/javax/security/auth/Destroyable.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/Destroyable.java	Mon Jan 23 20:14:27 2017 +0000
@@ -34,28 +34,28 @@
 public interface Destroyable {
 
     /**
-     * Destroy this <code>Object</code>.
+     * Destroy this {@code Object}.
      *
-     * <p> Sensitive information associated with this <code>Object</code>
+     * <p> Sensitive information associated with this {@code Object}
      * is destroyed or cleared.  Subsequent calls to certain methods
-     * on this <code>Object</code> will result in an
-     * <code>IllegalStateException</code> being thrown.
+     * on this {@code Object} will result in an
+     * {@code IllegalStateException} being thrown.
      *
      * <p>
      *
      * @exception DestroyFailedException if the destroy operation fails. <p>
      *
      * @exception SecurityException if the caller does not have permission
-     *          to destroy this <code>Object</code>.
+     *          to destroy this {@code Object}.
      */
     void destroy() throws DestroyFailedException;
 
     /**
-     * Determine if this <code>Object</code> has been destroyed.
+     * Determine if this {@code Object} has been destroyed.
      *
      * <p>
      *
-     * @return true if this <code>Object</code> has been destroyed,
+     * @return true if this {@code Object} has been destroyed,
      *          false otherwise.
      */
     boolean isDestroyed();
--- a/src/share/classes/javax/security/auth/Policy.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/Policy.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,11 +36,11 @@
  * <p> This is an abstract class for representing the system policy for
  * Subject-based authorization.  A subclass implementation
  * of this class provides a means to specify a Subject-based
- * access control <code>Policy</code>.
+ * access control {@code Policy}.
  *
- * <p> A <code>Policy</code> object can be queried for the set of
+ * <p> A {@code Policy} object can be queried for the set of
  * Permissions granted to code running as a
- * <code>Principal</code> in the following manner:
+ * {@code Principal} in the following manner:
  *
  * <pre>
  *      policy = Policy.getPolicy();
@@ -48,20 +48,20 @@
  *                                                      codeSource);
  * </pre>
  *
- * The <code>Policy</code> object consults the local policy and returns
- * and appropriate <code>Permissions</code> object with the
+ * The {@code Policy} object consults the local policy and returns
+ * and appropriate {@code Permissions} object with the
  * Permissions granted to the Principals associated with the
  * provided <i>subject</i>, and granted to the code specified
  * by the provided <i>codeSource</i>.
  *
- * <p> A <code>Policy</code> contains the following information.
+ * <p> A {@code Policy} contains the following information.
  * Note that this example only represents the syntax for the default
- * <code>Policy</code> implementation. Subclass implementations of this class
+ * {@code Policy} implementation. Subclass implementations of this class
  * may implement alternative syntaxes and may retrieve the
- * <code>Policy</code> from any source such as files, databases,
+ * {@code Policy} from any source such as files, databases,
  * or servers.
  *
- * <p> Each entry in the <code>Policy</code> is represented as
+ * <p> Each entry in the {@code Policy} is represented as
  * a <b><i>grant</i></b> entry.  Each <b><i>grant</i></b> entry
  * specifies a codebase, code signers, and Principals triplet,
  * as well as the Permissions granted to that triplet.
@@ -88,23 +88,23 @@
  * </pre>
  *
  * This <b><i>grant</i></b> entry specifies that code from "foo.com",
- * signed by "foo', and running as a <code>SolarisPrincipal</code> with the
- * name, duke, has one <code>Permission</code>.  This <code>Permission</code>
+ * signed by "foo', and running as a {@code SolarisPrincipal} with the
+ * name, duke, has one {@code Permission}.  This {@code Permission}
  * permits the executing code to read and write files in the directory,
  * "/home/duke".
  *
- * <p> To "run" as a particular <code>Principal</code>,
- * code invokes the <code>Subject.doAs(subject, ...)</code> method.
+ * <p> To "run" as a particular {@code Principal},
+ * code invokes the {@code Subject.doAs(subject, ...)} method.
  * After invoking that method, the code runs as all the Principals
- * associated with the specified <code>Subject</code>.
- * Note that this <code>Policy</code> (and the Permissions
- * granted in this <code>Policy</code>) only become effective
- * after the call to <code>Subject.doAs</code> has occurred.
+ * associated with the specified {@code Subject}.
+ * Note that this {@code Policy} (and the Permissions
+ * granted in this {@code Policy}) only become effective
+ * after the call to {@code Subject.doAs} has occurred.
  *
  * <p> Multiple Principals may be listed within one <b><i>grant</i></b> entry.
  * All the Principals in the grant entry must be associated with
- * the <code>Subject</code> provided to <code>Subject.doAs</code>
- * for that <code>Subject</code> to be granted the specified Permissions.
+ * the {@code Subject} provided to {@code Subject.doAs}
+ * for that {@code Subject} to be granted the specified Permissions.
  *
  * <pre>
  *      grant Principal com.sun.security.auth.SolarisPrincipal "duke",
@@ -119,7 +119,7 @@
  * as well as permission to make socket connections to "duke.com".
  *
  * <p> Note that non Principal-based grant entries are not permitted
- * in this <code>Policy</code>.  Therefore, grant entries such as:
+ * in this {@code Policy}.  Therefore, grant entries such as:
  *
  * <pre>
  *      grant CodeBase "foo.com", Signedby "foo" {
@@ -128,7 +128,7 @@
  * </pre>
  *
  * are rejected.  Such permission must be listed in the
- * <code>java.security.Policy</code>.
+ * {@code java.security.Policy}.
  *
  * <p> The default <code>Policy</code> implementation can be changed by
  * setting the value of the "auth.policy.provider" security property
@@ -181,14 +181,14 @@
     /**
      * Returns the installed Policy object.
      * This method first calls
-     * <code>SecurityManager.checkPermission</code> with the
-     * <code>AuthPermission("getPolicy")</code> permission
+     * {@code SecurityManager.checkPermission} with the
+     * {@code AuthPermission("getPolicy")} permission
      * to ensure the caller has permission to get the Policy object.
      *
      * <p>
      *
      * @return the installed Policy.  The return value cannot be
-     *          <code>null</code>.
+     *          {@code null}.
      *
      * @exception java.lang.SecurityException if the current thread does not
      *      have permission to get the Policy object.
@@ -263,8 +263,8 @@
 
     /**
      * Sets the system-wide Policy object. This method first calls
-     * <code>SecurityManager.checkPermission</code> with the
-     * <code>AuthPermission("setPolicy")</code>
+     * {@code SecurityManager.checkPermission} with the
+     * {@code AuthPermission("setPolicy")}
      * permission to ensure the caller has permission to set the Policy.
      *
      * <p>
@@ -324,25 +324,25 @@
 
     /**
      * Retrieve the Permissions granted to the Principals associated with
-     * the specified <code>CodeSource</code>.
+     * the specified {@code CodeSource}.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code>
+     * @param subject the {@code Subject}
      *                  whose associated Principals,
      *                  in conjunction with the provided
-     *                  <code>CodeSource</code>, determines the Permissions
+     *                  {@code CodeSource}, determines the Permissions
      *                  returned by this method.  This parameter
-     *                  may be <code>null</code>. <p>
+     *                  may be {@code null}. <p>
      *
-     * @param cs the code specified by its <code>CodeSource</code>
+     * @param cs the code specified by its {@code CodeSource}
      *                  that determines, in conjunction with the provided
-     *                  <code>Subject</code>, the Permissions
+     *                  {@code Subject}, the Permissions
      *                  returned by this method.  This parameter may be
-     *                  <code>null</code>.
+     *                  {@code null}.
      *
      * @return the Collection of Permissions granted to all the
-     *                  <code>Subject</code> and code specified in
+     *                  {@code Subject} and code specified in
      *                  the provided <i>subject</i> and <i>cs</i>
      *                  parameters.
      */
@@ -356,7 +356,7 @@
      * <p>This method causes this object to refresh/reload its current
      * Policy. This is implementation-dependent.
      * For example, if the Policy object is stored in
-     * a file, calling <code>refresh</code> will cause the file to be re-read.
+     * a file, calling {@code refresh} will cause the file to be re-read.
      *
      * <p>
      *
--- a/src/share/classes/javax/security/auth/PrivateCredentialPermission.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/PrivateCredentialPermission.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,10 +34,10 @@
 
 /**
  * This class is used to protect access to private Credentials
- * belonging to a particular <code>Subject</code>.  The <code>Subject</code>
+ * belonging to a particular {@code Subject}.  The {@code Subject}
  * is represented by a Set of Principals.
  *
- * <p> The target name of this <code>Permission</code> specifies
+ * <p> The target name of this {@code Permission} specifies
  * a Credential class name, and a Set of Principals.
  * The only valid value for this Permission's actions is, "read".
  * The target name must abide by the following syntax:
@@ -65,12 +65,12 @@
  *
  * If CredentialClass is "*", then access is granted to
  * all private Credentials belonging to the specified
- * <code>Subject</code>.
+ * {@code Subject}.
  * If "PrincipalName" is "*", then access is granted to the
- * specified Credential owned by any <code>Subject</code> that has the
- * specified <code>Principal</code> (the actual PrincipalName doesn't matter).
+ * specified Credential owned by any {@code Subject} that has the
+ * specified {@code Principal} (the actual PrincipalName doesn't matter).
  * For example, the following grants access to the
- * a.b.Credential owned by any <code>Subject</code> that has
+ * a.b.Credential owned by any {@code Subject} that has
  * an a.b.Principal.
  *
  * <pre>
@@ -83,7 +83,7 @@
  *
  * If both the PrincipalClass and "PrincipalName" are "*",
  * then access is granted to the specified Credential owned by
- * any <code>Subject</code>.
+ * any {@code Subject}.
  *
  * <p> In addition, the PrincipalClass/PrincipalName pairing may be repeated:
  *
@@ -96,7 +96,7 @@
  * </pre>
  *
  * The above grants access to the private Credential, "a.b.Credential",
- * belonging to a <code>Subject</code> with at least two associated Principals:
+ * belonging to a {@code Subject} with at least two associated Principals:
  * "a.b.Principal" with the name, "duke", and "c.d.Principal", with the name,
  * "dukette".
  *
@@ -115,7 +115,7 @@
     /**
      * @serial The Principals associated with this permission.
      *          The set contains elements of type,
-     *          <code>PrivateCredentialPermission.CredOwner</code>.
+     *          {@code PrivateCredentialPermission.CredOwner}.
      */
     private Set principals;  // ignored - kept around for compatibility
     private transient CredOwner[] credOwners;
@@ -126,8 +126,8 @@
     private boolean testing = false;
 
     /**
-     * Create a new <code>PrivateCredentialPermission</code>
-     * with the specified <code>credentialClass</code> and Principals.
+     * Create a new {@code PrivateCredentialPermission}
+     * with the specified {@code credentialClass} and Principals.
      */
     PrivateCredentialPermission(String credentialClass,
                         Set<Principal> principals) {
@@ -153,19 +153,19 @@
     }
 
     /**
-     * Creates a new <code>PrivateCredentialPermission</code>
-     * with the specified <code>name</code>.  The <code>name</code>
-     * specifies both a Credential class and a <code>Principal</code> Set.
+     * Creates a new {@code PrivateCredentialPermission}
+     * with the specified {@code name}.  The {@code name}
+     * specifies both a Credential class and a {@code Principal} Set.
      *
      * <p>
      *
      * @param name the name specifying the Credential class and
-     *          <code>Principal</code> Set. <p>
+     *          {@code Principal} Set. <p>
      *
      * @param actions the actions specifying that the Credential can be read.
      *
-     * @throws IllegalArgumentException if <code>name</code> does not conform
-     *          to the correct syntax or if <code>actions</code> is not "read".
+     * @throws IllegalArgumentException if {@code name} does not conform
+     *          to the correct syntax or if {@code actions} is not "read".
      */
     public PrivateCredentialPermission(String name, String actions) {
         super(name);
@@ -178,34 +178,34 @@
 
     /**
      * Returns the Class name of the Credential associated with this
-     * <code>PrivateCredentialPermission</code>.
+     * {@code PrivateCredentialPermission}.
      *
      * <p>
      *
      * @return the Class name of the Credential associated with this
-     *          <code>PrivateCredentialPermission</code>.
+     *          {@code PrivateCredentialPermission}.
      */
     public String getCredentialClass() {
         return credentialClass;
     }
 
     /**
-     * Returns the <code>Principal</code> classes and names
-     * associated with this <code>PrivateCredentialPermission</code>.
+     * Returns the {@code Principal} classes and names
+     * associated with this {@code PrivateCredentialPermission}.
      * The information is returned as a two-dimensional array (array[x][y]).
-     * The 'x' value corresponds to the number of <code>Principal</code>
+     * The 'x' value corresponds to the number of {@code Principal}
      * class and name pairs.  When (y==0), it corresponds to
-     * the <code>Principal</code> class value, and when (y==1),
-     * it corresponds to the <code>Principal</code> name value.
+     * the {@code Principal} class value, and when (y==1),
+     * it corresponds to the {@code Principal} name value.
      * For example, array[0][0] corresponds to the class name of
-     * the first <code>Principal</code> in the array.  array[0][1]
-     * corresponds to the <code>Principal</code> name of the
-     * first <code>Principal</code> in the array.
+     * the first {@code Principal} in the array.  array[0][1]
+     * corresponds to the {@code Principal} name of the
+     * first {@code Principal} in the array.
      *
      * <p>
      *
-     * @return the <code>Principal</code> class and names associated
-     *          with this <code>PrivateCredentialPermission</code>.
+     * @return the {@code Principal} class and names associated
+     *          with this {@code PrivateCredentialPermission}.
      */
     public String[][] getPrincipals() {
 
@@ -222,8 +222,8 @@
     }
 
     /**
-     * Checks if this <code>PrivateCredentialPermission</code> implies
-     * the specified <code>Permission</code>.
+     * Checks if this {@code PrivateCredentialPermission} implies
+     * the specified {@code Permission}.
      *
      * <p>
      *
@@ -241,10 +241,10 @@
      *
      * <p>
      *
-     * @param p the <code>Permission</code> to check against.
+     * @param p the {@code Permission} to check against.
      *
-     * @return true if this <code>PrivateCredentialPermission</code> implies
-     * the specified <code>Permission</code>, false if not.
+     * @return true if this {@code PrivateCredentialPermission} implies
+     * the specified {@code Permission}, false if not.
      */
     public boolean implies(Permission p) {
 
@@ -260,9 +260,9 @@
     }
 
     /**
-     * Checks two <code>PrivateCredentialPermission</code> objects for
+     * Checks two {@code PrivateCredentialPermission} objects for
      * equality.  Checks that <i>obj</i> is a
-     * <code>PrivateCredentialPermission</code>,
+     * {@code PrivateCredentialPermission},
      * and has the same credential class as this object,
      * as well as the same Principals as this object.
      * The order of the Principals in the respective Permission's
@@ -272,7 +272,7 @@
      *
      * @param obj the object we are testing for equality with this object.
      *
-     * @return true if obj is a <code>PrivateCredentialPermission</code>,
+     * @return true if obj is a {@code PrivateCredentialPermission},
      *          has the same credential class as this object,
      *          and has the same Principals as this object.
      */
@@ -311,9 +311,9 @@
 
     /**
      * Return a homogeneous collection of PrivateCredentialPermissions
-     * in a <code>PermissionCollection</code>.
-     * No such <code>PermissionCollection</code> is defined,
-     * so this method always returns <code>null</code>.
+     * in a {@code PermissionCollection}.
+     * No such {@code PermissionCollection} is defined,
+     * so this method always returns {@code null}.
      *
      * <p>
      *
--- a/src/share/classes/javax/security/auth/RefreshFailedException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/RefreshFailedException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,10 +26,10 @@
 package javax.security.auth;
 
 /**
- * Signals that a <code>refresh</code> operation failed.
+ * Signals that a {@code refresh} operation failed.
  *
  * <p> This exception is thrown by credentials implementing
- * the <code>Refreshable</code> interface when the <code>refresh</code>
+ * the {@code Refreshable} interface when the {@code refresh}
  * method fails.
  *
  */
--- a/src/share/classes/javax/security/auth/Refreshable.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/Refreshable.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,24 +37,24 @@
 public interface Refreshable {
 
     /**
-     * Determine if this <code>Object</code> is current.
+     * Determine if this {@code Object} is current.
      *
      * <p>
      *
-     * @return true if this <code>Object</code> is currently current,
+     * @return true if this {@code Object} is currently current,
      *          false otherwise.
      */
     boolean isCurrent();
 
     /**
      * Update or extend the validity period for this
-     * <code>Object</code>.
+     * {@code Object}.
      *
      * <p>
      *
      * @exception SecurityException if the caller does not have permission
      *          to update or extend the validity period for this
-     *          <code>Object</code>. <p>
+     *          {@code Object}. <p>
      *
      * @exception RefreshFailedException if the refresh attempt failed.
      */
--- a/src/share/classes/javax/security/auth/Subject.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/Subject.java	Mon Jan 23 20:14:27 2017 +0000
@@ -42,39 +42,39 @@
 import sun.security.util.ResourcesMgr;
 
 /**
- * <p> A <code>Subject</code> represents a grouping of related information
+ * <p> A {@code Subject} represents a grouping of related information
  * for a single entity, such as a person.
  * Such information includes the Subject's identities as well as
  * its security-related attributes
  * (passwords and cryptographic keys, for example).
  *
  * <p> Subjects may potentially have multiple identities.
- * Each identity is represented as a <code>Principal</code>
- * within the <code>Subject</code>.  Principals simply bind names to a
- * <code>Subject</code>.  For example, a <code>Subject</code> that happens
+ * Each identity is represented as a {@code Principal}
+ * within the {@code Subject}.  Principals simply bind names to a
+ * {@code Subject}.  For example, a {@code Subject} that happens
  * to be a person, Alice, might have two Principals:
  * one which binds "Alice Bar", the name on her driver license,
- * to the <code>Subject</code>, and another which binds,
+ * to the {@code Subject}, and another which binds,
  * "999-99-9999", the number on her student identification card,
- * to the <code>Subject</code>.  Both Principals refer to the same
- * <code>Subject</code> even though each has a different name.
+ * to the {@code Subject}.  Both Principals refer to the same
+ * {@code Subject} even though each has a different name.
  *
- * <p> A <code>Subject</code> may also own security-related attributes,
+ * <p> A {@code Subject} may also own security-related attributes,
  * which are referred to as credentials.
  * Sensitive credentials that require special protection, such as
  * private cryptographic keys, are stored within a private credential
- * <code>Set</code>.  Credentials intended to be shared, such as
+ * {@code Set}.  Credentials intended to be shared, such as
  * public key certificates or Kerberos server tickets are stored
- * within a public credential <code>Set</code>.  Different permissions
+ * within a public credential {@code Set}.  Different permissions
  * are required to access and modify the different credential Sets.
  *
- * <p> To retrieve all the Principals associated with a <code>Subject</code>,
- * invoke the <code>getPrincipals</code> method.  To retrieve
- * all the public or private credentials belonging to a <code>Subject</code>,
- * invoke the <code>getPublicCredentials</code> method or
- * <code>getPrivateCredentials</code> method, respectively.
- * To modify the returned <code>Set</code> of Principals and credentials,
- * use the methods defined in the <code>Set</code> class.
+ * <p> To retrieve all the Principals associated with a {@code Subject},
+ * invoke the {@code getPrincipals} method.  To retrieve
+ * all the public or private credentials belonging to a {@code Subject},
+ * invoke the {@code getPublicCredentials} method or
+ * {@code getPrivateCredentials} method, respectively.
+ * To modify the returned {@code Set} of Principals and credentials,
+ * use the methods defined in the {@code Set} class.
  * For example:
  * <pre>
  *      Subject subject;
@@ -86,13 +86,13 @@
  *      subject.getPublicCredentials().add(credential);
  * </pre>
  *
- * <p> This <code>Subject</code> class implements <code>Serializable</code>.
- * While the Principals associated with the <code>Subject</code> are serialized,
- * the credentials associated with the <code>Subject</code> are not.
- * Note that the <code>java.security.Principal</code> class
- * does not implement <code>Serializable</code>.  Therefore all concrete
- * <code>Principal</code> implementations associated with Subjects
- * must implement <code>Serializable</code>.
+ * <p> This {@code Subject} class implements {@code Serializable}.
+ * While the Principals associated with the {@code Subject} are serialized,
+ * the credentials associated with the {@code Subject} are not.
+ * Note that the {@code java.security.Principal} class
+ * does not implement {@code Serializable}.  Therefore all concrete
+ * {@code Principal} implementations associated with Subjects
+ * must implement {@code Serializable}.
  *
  * @see java.security.Principal
  * @see java.security.DomainCombiner
@@ -102,14 +102,14 @@
     private static final long serialVersionUID = -8308522755600156056L;
 
     /**
-     * A <code>Set</code> that provides a view of all of this
+     * A {@code Set} that provides a view of all of this
      * Subject's Principals
      *
      * <p>
      *
      * @serial Each element in this set is a
-     *          <code>java.security.Principal</code>.
-     *          The set is a <code>Subject.SecureSet</code>.
+     *          {@code java.security.Principal}.
+     *          The set is a {@code Subject.SecureSet}.
      */
     Set<Principal> principals;
 
@@ -135,21 +135,21 @@
         = new ProtectionDomain[0];
 
     /**
-     * Create an instance of a <code>Subject</code>
-     * with an empty <code>Set</code> of Principals and empty
+     * Create an instance of a {@code Subject}
+     * with an empty {@code Set} of Principals and empty
      * Sets of public and private credentials.
      *
-     * <p> The newly constructed Sets check whether this <code>Subject</code>
+     * <p> The newly constructed Sets check whether this {@code Subject}
      * has been set read-only before permitting subsequent modifications.
      * The newly created Sets also prevent illegal modifications
      * by ensuring that callers have sufficient permissions.
      *
      * <p> To modify the Principals Set, the caller must have
-     * <code>AuthPermission("modifyPrincipals")</code>.
+     * {@code AuthPermission("modifyPrincipals")}.
      * To modify the public credential Set, the caller must have
-     * <code>AuthPermission("modifyPublicCredentials")</code>.
+     * {@code AuthPermission("modifyPublicCredentials")}.
      * To modify the private credential Set, the caller must have
-     * <code>AuthPermission("modifyPrivateCredentials")</code>.
+     * {@code AuthPermission("modifyPrivateCredentials")}.
      */
     public Subject() {
 
@@ -162,39 +162,39 @@
     }
 
     /**
-     * Create an instance of a <code>Subject</code> with
+     * Create an instance of a {@code Subject} with
      * Principals and credentials.
      *
      * <p> The Principals and credentials from the specified Sets
      * are copied into newly constructed Sets.
-     * These newly created Sets check whether this <code>Subject</code>
+     * These newly created Sets check whether this {@code Subject}
      * has been set read-only before permitting subsequent modifications.
      * The newly created Sets also prevent illegal modifications
      * by ensuring that callers have sufficient permissions.
      *
      * <p> To modify the Principals Set, the caller must have
-     * <code>AuthPermission("modifyPrincipals")</code>.
+     * {@code AuthPermission("modifyPrincipals")}.
      * To modify the public credential Set, the caller must have
-     * <code>AuthPermission("modifyPublicCredentials")</code>.
+     * {@code AuthPermission("modifyPublicCredentials")}.
      * To modify the private credential Set, the caller must have
-     * <code>AuthPermission("modifyPrivateCredentials")</code>.
+     * {@code AuthPermission("modifyPrivateCredentials")}.
      * <p>
      *
-     * @param readOnly true if the <code>Subject</code> is to be read-only,
+     * @param readOnly true if the {@code Subject} is to be read-only,
      *          and false otherwise. <p>
      *
-     * @param principals the <code>Set</code> of Principals
-     *          to be associated with this <code>Subject</code>. <p>
+     * @param principals the {@code Set} of Principals
+     *          to be associated with this {@code Subject}. <p>
      *
-     * @param pubCredentials the <code>Set</code> of public credentials
-     *          to be associated with this <code>Subject</code>. <p>
+     * @param pubCredentials the {@code Set} of public credentials
+     *          to be associated with this {@code Subject}. <p>
      *
-     * @param privCredentials the <code>Set</code> of private credentials
-     *          to be associated with this <code>Subject</code>.
+     * @param privCredentials the {@code Set} of private credentials
+     *          to be associated with this {@code Subject}.
      *
      * @exception NullPointerException if the specified
-     *          <code>principals</code>, <code>pubCredentials</code>,
-     *          or <code>privCredentials</code> are <code>null</code>.
+     *          {@code principals}, {@code pubCredentials},
+     *          or {@code privCredentials} are {@code null}.
      */
     public Subject(boolean readOnly, Set<? extends Principal> principals,
                    Set<?> pubCredentials, Set<?> privCredentials)
@@ -216,24 +216,24 @@
     }
 
     /**
-     * Set this <code>Subject</code> to be read-only.
+     * Set this {@code Subject} to be read-only.
      *
      * <p> Modifications (additions and removals) to this Subject's
-     * <code>Principal</code> <code>Set</code> and
+     * {@code Principal} {@code Set} and
      * credential Sets will be disallowed.
-     * The <code>destroy</code> operation on this Subject's credentials will
+     * The {@code destroy} operation on this Subject's credentials will
      * still be permitted.
      *
-     * <p> Subsequent attempts to modify the Subject's <code>Principal</code>
+     * <p> Subsequent attempts to modify the Subject's {@code Principal}
      * and credential Sets will result in an
-     * <code>IllegalStateException</code> being thrown.
-     * Also, once a <code>Subject</code> is read-only,
+     * {@code IllegalStateException} being thrown.
+     * Also, once a {@code Subject} is read-only,
      * it can not be reset to being writable again.
      *
      * <p>
      *
      * @exception SecurityException if the caller does not have permission
-     *          to set this <code>Subject</code> to be read-only.
+     *          to set this {@code Subject} to be read-only.
      */
     public void setReadOnly() {
         java.lang.SecurityManager sm = System.getSecurityManager();
@@ -245,40 +245,40 @@
     }
 
     /**
-     * Query whether this <code>Subject</code> is read-only.
+     * Query whether this {@code Subject} is read-only.
      *
      * <p>
      *
-     * @return true if this <code>Subject</code> is read-only, false otherwise.
+     * @return true if this {@code Subject} is read-only, false otherwise.
      */
     public boolean isReadOnly() {
         return this.readOnly;
     }
 
     /**
-     * Get the <code>Subject</code> associated with the provided
-     * <code>AccessControlContext</code>.
+     * Get the {@code Subject} associated with the provided
+     * {@code AccessControlContext}.
      *
-     * <p> The <code>AccessControlContext</code> may contain many
-     * Subjects (from nested <code>doAs</code> calls).
-     * In this situation, the most recent <code>Subject</code> associated
-     * with the <code>AccessControlContext</code> is returned.
+     * <p> The {@code AccessControlContext} may contain many
+     * Subjects (from nested {@code doAs} calls).
+     * In this situation, the most recent {@code Subject} associated
+     * with the {@code AccessControlContext} is returned.
      *
      * <p>
      *
-     * @param  acc the <code>AccessControlContext</code> from which to retrieve
-     *          the <code>Subject</code>.
+     * @param  acc the {@code AccessControlContext} from which to retrieve
+     *          the {@code Subject}.
      *
-     * @return  the <code>Subject</code> associated with the provided
-     *          <code>AccessControlContext</code>, or <code>null</code>
-     *          if no <code>Subject</code> is associated
-     *          with the provided <code>AccessControlContext</code>.
+     * @return  the {@code Subject} associated with the provided
+     *          {@code AccessControlContext}, or {@code null}
+     *          if no {@code Subject} is associated
+     *          with the provided {@code AccessControlContext}.
      *
      * @exception SecurityException if the caller does not have permission
-     *          to get the <code>Subject</code>. <p>
+     *          to get the {@code Subject}. <p>
      *
      * @exception NullPointerException if the provided
-     *          <code>AccessControlContext</code> is <code>null</code>.
+     *          {@code AccessControlContext} is {@code null}.
      */
     public static Subject getSubject(final AccessControlContext acc) {
 
@@ -306,33 +306,33 @@
     }
 
     /**
-     * Perform work as a particular <code>Subject</code>.
+     * Perform work as a particular {@code Subject}.
      *
      * <p> This method first retrieves the current Thread's
-     * <code>AccessControlContext</code> via
-     * <code>AccessController.getContext</code>,
-     * and then instantiates a new <code>AccessControlContext</code>
+     * {@code AccessControlContext} via
+     * {@code AccessController.getContext},
+     * and then instantiates a new {@code AccessControlContext}
      * using the retrieved context along with a new
-     * <code>SubjectDomainCombiner</code> (constructed using
-     * the provided <code>Subject</code>).
-     * Finally, this method invokes <code>AccessController.doPrivileged</code>,
-     * passing it the provided <code>PrivilegedAction</code>,
-     * as well as the newly constructed <code>AccessControlContext</code>.
+     * {@code SubjectDomainCombiner} (constructed using
+     * the provided {@code Subject}).
+     * Finally, this method invokes {@code AccessController.doPrivileged},
+     * passing it the provided {@code PrivilegedAction},
+     * as well as the newly constructed {@code AccessControlContext}.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> that the specified
-     *                  <code>action</code> will run as.  This parameter
-     *                  may be <code>null</code>. <p>
+     * @param subject the {@code Subject} that the specified
+     *                  {@code action} will run as.  This parameter
+     *                  may be {@code null}. <p>
      *
      * @param action the code to be run as the specified
-     *                  <code>Subject</code>. <p>
+     *                  {@code Subject}. <p>
      *
      * @return the value returned by the PrivilegedAction's
-     *                  <code>run</code> method.
+     *                  {@code run} method.
      *
-     * @exception NullPointerException if the <code>PrivilegedAction</code>
-     *                  is <code>null</code>. <p>
+     * @exception NullPointerException if the {@code PrivilegedAction}
+     *                  is {@code null}. <p>
      *
      * @exception SecurityException if the caller does not have permission
      *                  to invoke this method.
@@ -359,38 +359,38 @@
     }
 
     /**
-     * Perform work as a particular <code>Subject</code>.
+     * Perform work as a particular {@code Subject}.
      *
      * <p> This method first retrieves the current Thread's
-     * <code>AccessControlContext</code> via
-     * <code>AccessController.getContext</code>,
-     * and then instantiates a new <code>AccessControlContext</code>
+     * {@code AccessControlContext} via
+     * {@code AccessController.getContext},
+     * and then instantiates a new {@code AccessControlContext}
      * using the retrieved context along with a new
-     * <code>SubjectDomainCombiner</code> (constructed using
-     * the provided <code>Subject</code>).
-     * Finally, this method invokes <code>AccessController.doPrivileged</code>,
-     * passing it the provided <code>PrivilegedExceptionAction</code>,
-     * as well as the newly constructed <code>AccessControlContext</code>.
+     * {@code SubjectDomainCombiner} (constructed using
+     * the provided {@code Subject}).
+     * Finally, this method invokes {@code AccessController.doPrivileged},
+     * passing it the provided {@code PrivilegedExceptionAction},
+     * as well as the newly constructed {@code AccessControlContext}.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> that the specified
-     *                  <code>action</code> will run as.  This parameter
-     *                  may be <code>null</code>. <p>
+     * @param subject the {@code Subject} that the specified
+     *                  {@code action} will run as.  This parameter
+     *                  may be {@code null}. <p>
      *
      * @param action the code to be run as the specified
-     *                  <code>Subject</code>. <p>
+     *                  {@code Subject}. <p>
      *
      * @return the value returned by the
-     *                  PrivilegedExceptionAction's <code>run</code> method.
+     *                  PrivilegedExceptionAction's {@code run} method.
      *
      * @exception PrivilegedActionException if the
-     *                  <code>PrivilegedExceptionAction.run</code>
+     *                  {@code PrivilegedExceptionAction.run}
      *                  method throws a checked exception. <p>
      *
      * @exception NullPointerException if the specified
-     *                  <code>PrivilegedExceptionAction</code> is
-     *                  <code>null</code>. <p>
+     *                  {@code PrivilegedExceptionAction} is
+     *                  {@code null}. <p>
      *
      * @exception SecurityException if the caller does not have permission
      *                  to invoke this method.
@@ -418,33 +418,33 @@
     }
 
     /**
-     * Perform privileged work as a particular <code>Subject</code>.
+     * Perform privileged work as a particular {@code Subject}.
      *
-     * <p> This method behaves exactly as <code>Subject.doAs</code>,
+     * <p> This method behaves exactly as {@code Subject.doAs},
      * except that instead of retrieving the current Thread's
-     * <code>AccessControlContext</code>, it uses the provided
-     * <code>AccessControlContext</code>.  If the provided
-     * <code>AccessControlContext</code> is <code>null</code>,
-     * this method instantiates a new <code>AccessControlContext</code>
+     * {@code AccessControlContext}, it uses the provided
+     * {@code AccessControlContext}.  If the provided
+     * {@code AccessControlContext} is {@code null},
+     * this method instantiates a new {@code AccessControlContext}
      * with an empty collection of ProtectionDomains.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> that the specified
-     *                  <code>action</code> will run as.  This parameter
-     *                  may be <code>null</code>. <p>
+     * @param subject the {@code Subject} that the specified
+     *                  {@code action} will run as.  This parameter
+     *                  may be {@code null}. <p>
      *
      * @param action the code to be run as the specified
-     *                  <code>Subject</code>. <p>
+     *                  {@code Subject}. <p>
      *
-     * @param acc the <code>AccessControlContext</code> to be tied to the
+     * @param acc the {@code AccessControlContext} to be tied to the
      *                  specified <i>subject</i> and <i>action</i>. <p>
      *
      * @return the value returned by the PrivilegedAction's
-     *                  <code>run</code> method.
+     *                  {@code run} method.
      *
-     * @exception NullPointerException if the <code>PrivilegedAction</code>
-     *                  is <code>null</code>. <p>
+     * @exception NullPointerException if the {@code PrivilegedAction}
+     *                  is {@code null}. <p>
      *
      * @exception SecurityException if the caller does not have permission
      *                  to invoke this method.
@@ -476,38 +476,38 @@
     }
 
     /**
-     * Perform privileged work as a particular <code>Subject</code>.
+     * Perform privileged work as a particular {@code Subject}.
      *
-     * <p> This method behaves exactly as <code>Subject.doAs</code>,
+     * <p> This method behaves exactly as {@code Subject.doAs},
      * except that instead of retrieving the current Thread's
-     * <code>AccessControlContext</code>, it uses the provided
-     * <code>AccessControlContext</code>.  If the provided
-     * <code>AccessControlContext</code> is <code>null</code>,
-     * this method instantiates a new <code>AccessControlContext</code>
+     * {@code AccessControlContext}, it uses the provided
+     * {@code AccessControlContext}.  If the provided
+     * {@code AccessControlContext} is {@code null},
+     * this method instantiates a new {@code AccessControlContext}
      * with an empty collection of ProtectionDomains.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> that the specified
-     *                  <code>action</code> will run as.  This parameter
-     *                  may be <code>null</code>. <p>
+     * @param subject the {@code Subject} that the specified
+     *                  {@code action} will run as.  This parameter
+     *                  may be {@code null}. <p>
      *
      * @param action the code to be run as the specified
-     *                  <code>Subject</code>. <p>
+     *                  {@code Subject}. <p>
      *
-     * @param acc the <code>AccessControlContext</code> to be tied to the
+     * @param acc the {@code AccessControlContext} to be tied to the
      *                  specified <i>subject</i> and <i>action</i>. <p>
      *
      * @return the value returned by the
-     *                  PrivilegedExceptionAction's <code>run</code> method.
+     *                  PrivilegedExceptionAction's {@code run} method.
      *
      * @exception PrivilegedActionException if the
-     *                  <code>PrivilegedExceptionAction.run</code>
+     *                  {@code PrivilegedExceptionAction.run}
      *                  method throws a checked exception. <p>
      *
      * @exception NullPointerException if the specified
-     *                  <code>PrivilegedExceptionAction</code> is
-     *                  <code>null</code>. <p>
+     *                  {@code PrivilegedExceptionAction} is
+     *                  {@code null}. <p>
      *
      * @exception SecurityException if the caller does not have permission
      *                  to invoke this method.
@@ -556,19 +556,19 @@
     }
 
     /**
-     * Return the <code>Set</code> of Principals associated with this
-     * <code>Subject</code>.  Each <code>Principal</code> represents
-     * an identity for this <code>Subject</code>.
+     * Return the {@code Set} of Principals associated with this
+     * {@code Subject}.  Each {@code Principal} represents
+     * an identity for this {@code Subject}.
      *
-     * <p> The returned <code>Set</code> is backed by this Subject's
-     * internal <code>Principal</code> <code>Set</code>.  Any modification
-     * to the returned <code>Set</code> affects the internal
-     * <code>Principal</code> <code>Set</code> as well.
+     * <p> The returned {@code Set} is backed by this Subject's
+     * internal {@code Principal} {@code Set}.  Any modification
+     * to the returned {@code Set} affects the internal
+     * {@code Principal} {@code Set} as well.
      *
      * <p>
      *
-     * @return  The <code>Set</code> of Principals associated with this
-     *          <code>Subject</code>.
+     * @return  The {@code Set} of Principals associated with this
+     *          {@code Subject}.
      */
     public Set<Principal> getPrincipals() {
 
@@ -578,26 +578,26 @@
     }
 
     /**
-     * Return a <code>Set</code> of Principals associated with this
-     * <code>Subject</code> that are instances or subclasses of the specified
-     * <code>Class</code>.
+     * Return a {@code Set} of Principals associated with this
+     * {@code Subject} that are instances or subclasses of the specified
+     * {@code Class}.
      *
-     * <p> The returned <code>Set</code> is not backed by this Subject's
-     * internal <code>Principal</code> <code>Set</code>.  A new
-     * <code>Set</code> is created and returned for each method invocation.
-     * Modifications to the returned <code>Set</code>
-     * will not affect the internal <code>Principal</code> <code>Set</code>.
+     * <p> The returned {@code Set} is not backed by this Subject's
+     * internal {@code Principal} {@code Set}.  A new
+     * {@code Set} is created and returned for each method invocation.
+     * Modifications to the returned {@code Set}
+     * will not affect the internal {@code Principal} {@code Set}.
      *
      * <p>
      *
-     * @param c the returned <code>Set</code> of Principals will all be
+     * @param c the returned {@code Set} of Principals will all be
      *          instances of this class.
      *
-     * @return a <code>Set</code> of Principals that are instances of the
-     *          specified <code>Class</code>.
+     * @return a {@code Set} of Principals that are instances of the
+     *          specified {@code Class}.
      *
-     * @exception NullPointerException if the specified <code>Class</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the specified {@code Class}
+     *                  is {@code null}.
      */
     public <T extends Principal> Set<T> getPrincipals(Class<T> c) {
 
@@ -611,18 +611,18 @@
     }
 
     /**
-     * Return the <code>Set</code> of public credentials held by this
-     * <code>Subject</code>.
+     * Return the {@code Set} of public credentials held by this
+     * {@code Subject}.
      *
-     * <p> The returned <code>Set</code> is backed by this Subject's
-     * internal public Credential <code>Set</code>.  Any modification
-     * to the returned <code>Set</code> affects the internal public
-     * Credential <code>Set</code> as well.
+     * <p> The returned {@code Set} is backed by this Subject's
+     * internal public Credential {@code Set}.  Any modification
+     * to the returned {@code Set} affects the internal public
+     * Credential {@code Set} as well.
      *
      * <p>
      *
-     * @return  A <code>Set</code> of public credentials held by this
-     *          <code>Subject</code>.
+     * @return  A {@code Set} of public credentials held by this
+     *          {@code Subject}.
      */
     public Set<Object> getPublicCredentials() {
 
@@ -632,29 +632,29 @@
     }
 
     /**
-     * Return the <code>Set</code> of private credentials held by this
-     * <code>Subject</code>.
+     * Return the {@code Set} of private credentials held by this
+     * {@code Subject}.
      *
-     * <p> The returned <code>Set</code> is backed by this Subject's
-     * internal private Credential <code>Set</code>.  Any modification
-     * to the returned <code>Set</code> affects the internal private
-     * Credential <code>Set</code> as well.
+     * <p> The returned {@code Set} is backed by this Subject's
+     * internal private Credential {@code Set}.  Any modification
+     * to the returned {@code Set} affects the internal private
+     * Credential {@code Set} as well.
      *
      * <p> A caller requires permissions to access the Credentials
-     * in the returned <code>Set</code>, or to modify the
-     * <code>Set</code> itself.  A <code>SecurityException</code>
+     * in the returned {@code Set}, or to modify the
+     * {@code Set} itself.  A {@code SecurityException}
      * is thrown if the caller does not have the proper permissions.
      *
-     * <p> While iterating through the <code>Set</code>,
-     * a <code>SecurityException</code> is thrown
+     * <p> While iterating through the {@code Set},
+     * a {@code SecurityException} is thrown
      * if the caller does not have permission to access a
-     * particular Credential.  The <code>Iterator</code>
-     * is nevertheless advanced to next element in the <code>Set</code>.
+     * particular Credential.  The {@code Iterator}
+     * is nevertheless advanced to next element in the {@code Set}.
      *
      * <p>
      *
-     * @return  A <code>Set</code> of private credentials held by this
-     *          <code>Subject</code>.
+     * @return  A {@code Set} of private credentials held by this
+     *          {@code Subject}.
      */
     public Set<Object> getPrivateCredentials() {
 
@@ -672,26 +672,26 @@
     }
 
     /**
-     * Return a <code>Set</code> of public credentials associated with this
-     * <code>Subject</code> that are instances or subclasses of the specified
-     * <code>Class</code>.
+     * Return a {@code Set} of public credentials associated with this
+     * {@code Subject} that are instances or subclasses of the specified
+     * {@code Class}.
      *
-     * <p> The returned <code>Set</code> is not backed by this Subject's
-     * internal public Credential <code>Set</code>.  A new
-     * <code>Set</code> is created and returned for each method invocation.
-     * Modifications to the returned <code>Set</code>
-     * will not affect the internal public Credential <code>Set</code>.
+     * <p> The returned {@code Set} is not backed by this Subject's
+     * internal public Credential {@code Set}.  A new
+     * {@code Set} is created and returned for each method invocation.
+     * Modifications to the returned {@code Set}
+     * will not affect the internal public Credential {@code Set}.
      *
      * <p>
      *
-     * @param c the returned <code>Set</code> of public credentials will all be
+     * @param c the returned {@code Set} of public credentials will all be
      *          instances of this class.
      *
-     * @return a <code>Set</code> of public credentials that are instances
-     *          of the  specified <code>Class</code>.
+     * @return a {@code Set} of public credentials that are instances
+     *          of the  specified {@code Class}.
      *
-     * @exception NullPointerException if the specified <code>Class</code>
-     *          is <code>null</code>.
+     * @exception NullPointerException if the specified {@code Class}
+     *          is {@code null}.
      */
     public <T> Set<T> getPublicCredentials(Class<T> c) {
 
@@ -705,30 +705,30 @@
     }
 
     /**
-     * Return a <code>Set</code> of private credentials associated with this
-     * <code>Subject</code> that are instances or subclasses of the specified
-     * <code>Class</code>.
+     * Return a {@code Set} of private credentials associated with this
+     * {@code Subject} that are instances or subclasses of the specified
+     * {@code Class}.
      *
      * <p> The caller must have permission to access all of the
-     * requested Credentials, or a <code>SecurityException</code>
+     * requested Credentials, or a {@code SecurityException}
      * will be thrown.
      *
-     * <p> The returned <code>Set</code> is not backed by this Subject's
-     * internal private Credential <code>Set</code>.  A new
-     * <code>Set</code> is created and returned for each method invocation.
-     * Modifications to the returned <code>Set</code>
-     * will not affect the internal private Credential <code>Set</code>.
+     * <p> The returned {@code Set} is not backed by this Subject's
+     * internal private Credential {@code Set}.  A new
+     * {@code Set} is created and returned for each method invocation.
+     * Modifications to the returned {@code Set}
+     * will not affect the internal private Credential {@code Set}.
      *
      * <p>
      *
-     * @param c the returned <code>Set</code> of private credentials will all be
+     * @param c the returned {@code Set} of private credentials will all be
      *          instances of this class.
      *
-     * @return a <code>Set</code> of private credentials that are instances
-     *          of the  specified <code>Class</code>.
+     * @return a {@code Set} of private credentials that are instances
+     *          of the  specified {@code Class}.
      *
-     * @exception NullPointerException if the specified <code>Class</code>
-     *          is <code>null</code>.
+     * @exception NullPointerException if the specified {@code Class}
+     *          is {@code null}.
      */
     public <T> Set<T> getPrivateCredentials(Class<T> c) {
 
@@ -750,25 +750,25 @@
     }
 
     /**
-     * Compares the specified Object with this <code>Subject</code>
+     * Compares the specified Object with this {@code Subject}
      * for equality.  Returns true if the given object is also a Subject
-     * and the two <code>Subject</code> instances are equivalent.
-     * More formally, two <code>Subject</code> instances are
-     * equal if their <code>Principal</code> and <code>Credential</code>
+     * and the two {@code Subject} instances are equivalent.
+     * More formally, two {@code Subject} instances are
+     * equal if their {@code Principal} and {@code Credential}
      * Sets are equal.
      *
      * <p>
      *
      * @param o Object to be compared for equality with this
-     *          <code>Subject</code>.
+     *          {@code Subject}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>Subject</code>.
+     *          {@code Subject}.
      *
      * @exception SecurityException if the caller does not have permission
-     *          to access the private credentials for this <code>Subject</code>,
+     *          to access the private credentials for this {@code Subject},
      *          or if the caller does not have permission to access the
-     *          private credentials for the provided <code>Subject</code>.
+     *          private credentials for the provided {@code Subject}.
      */
     public boolean equals(Object o) {
 
@@ -815,11 +815,11 @@
     }
 
     /**
-     * Return the String representation of this <code>Subject</code>.
+     * Return the String representation of this {@code Subject}.
      *
      * <p>
      *
-     * @return the String representation of this <code>Subject</code>.
+     * @return the String representation of this {@code Subject}.
      */
     public String toString() {
         return toString(true);
@@ -876,11 +876,11 @@
     }
 
     /**
-     * Returns a hashcode for this <code>Subject</code>.
+     * Returns a hashcode for this {@code Subject}.
      *
      * <p>
      *
-     * @return a hashcode for this <code>Subject</code>.
+     * @return a hashcode for this {@code Subject}.
      *
      * @exception SecurityException if the caller does not have permission
      *          to access this Subject's private credentials.
@@ -892,10 +892,10 @@
          * hashcodes of this Subject's Principals and credentials.
          *
          * If a particular credential was destroyed
-         * (<code>credential.hashCode()</code> throws an
-         * <code>IllegalStateException</code>),
+         * ({@code credential.hashCode()} throws an
+         * {@code IllegalStateException}),
          * the hashcode for that credential is derived via:
-         * <code>credential.getClass().toString().hashCode()</code>.
+         * {@code credential.getClass().toString().hashCode()}.
          */
 
         int hashCode = 0;
@@ -966,7 +966,7 @@
                         (new SecureSet<Principal>(this, PRINCIPAL_SET));
         }
 
-        // The Credential <code>Set</code> is not serialized, but we do not
+        // The Credential {@code Set} is not serialized, but we do not
         // want the default deserialization routine to set it to null.
         this.pubCredentials = Collections.synchronizedSet
                         (new SecureSet<Object>(this, PUB_CREDENTIAL_SET));
@@ -1000,13 +1000,13 @@
 
         /**
          * @serial An integer identifying the type of objects contained
-         *      in this set.  If <code>which == 1</code>,
+         *      in this set.  If {@code which == 1},
          *      this is a Principal set and all the elements are
-         *      of type <code>java.security.Principal</code>.
-         *      If <code>which == 2</code>, this is a public credential
-         *      set and all the elements are of type <code>Object</code>.
-         *      If <code>which == 3</code>, this is a private credential
-         *      set and all the elements are of type <code>Object</code>.
+         *      of type {@code java.security.Principal}.
+         *      If {@code which == 2}, this is a public credential
+         *      set and all the elements are of type {@code Object}.
+         *      If {@code which == 3}, this is a private credential
+         *      set and all the elements are of type {@code Object}.
          */
         private int which;
 
@@ -1328,7 +1328,7 @@
     }
 
     /**
-     * This class implements a <code>Set</code> which returns only
+     * This class implements a {@code Set} which returns only
      * members that are an instance of a specified Class.
      */
     private class ClassSet<T> extends AbstractSet<T> {
--- a/src/share/classes/javax/security/auth/SubjectDomainCombiner.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/SubjectDomainCombiner.java	Mon Jan 23 20:14:27 2017 +0000
@@ -41,9 +41,9 @@
 import sun.misc.JavaSecurityProtectionDomainAccess;
 
 /**
- * A <code>SubjectDomainCombiner</code> updates ProtectionDomains
- * with Principals from the <code>Subject</code> associated with this
- * <code>SubjectDomainCombiner</code>.
+ * A {@code SubjectDomainCombiner} updates ProtectionDomains
+ * with Principals from the {@code Subject} associated with this
+ * {@code SubjectDomainCombiner}.
  *
  */
 public class SubjectDomainCombiner implements java.security.DomainCombiner {
@@ -70,13 +70,13 @@
         SharedSecrets.getJavaSecurityProtectionDomainAccess();
 
     /**
-     * Associate the provided <code>Subject</code> with this
-     * <code>SubjectDomainCombiner</code>.
+     * Associate the provided {@code Subject} with this
+     * {@code SubjectDomainCombiner}.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> to be associated with
-     *          with this <code>SubjectDomainCombiner</code>.
+     * @param subject the {@code Subject} to be associated with
+     *          with this {@code SubjectDomainCombiner}.
      */
     public SubjectDomainCombiner(Subject subject) {
         this.subject = subject;
@@ -89,19 +89,19 @@
     }
 
     /**
-     * Get the <code>Subject</code> associated with this
-     * <code>SubjectDomainCombiner</code>.
+     * Get the {@code Subject} associated with this
+     * {@code SubjectDomainCombiner}.
      *
      * <p>
      *
-     * @return the <code>Subject</code> associated with this
-     *          <code>SubjectDomainCombiner</code>, or <code>null</code>
-     *          if no <code>Subject</code> is associated with this
-     *          <code>SubjectDomainCombiner</code>.
+     * @return the {@code Subject} associated with this
+     *          {@code SubjectDomainCombiner}, or {@code null}
+     *          if no {@code Subject} is associated with this
+     *          {@code SubjectDomainCombiner}.
      *
      * @exception SecurityException if the caller does not have permission
-     *          to get the <code>Subject</code> associated with this
-     *          <code>SubjectDomainCombiner</code>.
+     *          to get the {@code Subject} associated with this
+     *          {@code SubjectDomainCombiner}.
      */
     public Subject getSubject() {
         java.lang.SecurityManager sm = System.getSecurityManager();
@@ -114,18 +114,18 @@
 
     /**
      * Update the relevant ProtectionDomains with the Principals
-     * from the <code>Subject</code> associated with this
-     * <code>SubjectDomainCombiner</code>.
+     * from the {@code Subject} associated with this
+     * {@code SubjectDomainCombiner}.
      *
-     * <p> A new <code>ProtectionDomain</code> instance is created
-     * for each <code>ProtectionDomain</code> in the
-     * <i>currentDomains</i> array.  Each new <code>ProtectionDomain</code>
-     * instance is created using the <code>CodeSource</code>,
-     * <code>Permission</code>s and <code>ClassLoader</code>
-     * from the corresponding <code>ProtectionDomain</code> in
+     * <p> A new {@code ProtectionDomain} instance is created
+     * for each {@code ProtectionDomain} in the
+     * <i>currentDomains</i> array.  Each new {@code ProtectionDomain}
+     * instance is created using the {@code CodeSource},
+     * {@code Permission}s and {@code ClassLoader}
+     * from the corresponding {@code ProtectionDomain} in
      * <i>currentDomains</i>, as well as with the Principals from
-     * the <code>Subject</code> associated with this
-     * <code>SubjectDomainCombiner</code>.
+     * the {@code Subject} associated with this
+     * {@code SubjectDomainCombiner}.
      *
      * <p> All of the newly instantiated ProtectionDomains are
      * combined into a new array.  The ProtectionDomains from the
@@ -140,23 +140,23 @@
      *
      * @param currentDomains the ProtectionDomains associated with the
      *          current execution Thread, up to the most recent
-     *          privileged <code>ProtectionDomain</code>.
+     *          privileged {@code ProtectionDomain}.
      *          The ProtectionDomains are are listed in order of execution,
-     *          with the most recently executing <code>ProtectionDomain</code>
+     *          with the most recently executing {@code ProtectionDomain}
      *          residing at the beginning of the array. This parameter may
-     *          be <code>null</code> if the current execution Thread
+     *          be {@code null} if the current execution Thread
      *          has no associated ProtectionDomains.<p>
      *
      * @param assignedDomains the ProtectionDomains inherited from the
      *          parent Thread, or the ProtectionDomains from the
      *          privileged <i>context</i>, if a call to
      *          AccessController.doPrivileged(..., <i>context</i>)
-     *          had occurred  This parameter may be <code>null</code>
+     *          had occurred  This parameter may be {@code null}
      *          if there were no ProtectionDomains inherited from the
      *          parent Thread, or from the privileged <i>context</i>.
      *
      * @return a new array consisting of the updated ProtectionDomains,
-     *          or <code>null</code>.
+     *          or {@code null}.
      */
     public ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
                                 ProtectionDomain[] assignedDomains) {
--- a/src/share/classes/javax/security/auth/callback/Callback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/Callback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,14 +28,14 @@
 
 /**
  * <p> Implementations of this interface are passed to a
- * <code>CallbackHandler</code>, allowing underlying security services
+ * {@code CallbackHandler}, allowing underlying security services
  * the ability to interact with a calling application to retrieve specific
  * authentication data such as usernames and passwords, or to display
  * certain information, such as error and warning messages.
  *
- * <p> <code>Callback</code> implementations do not retrieve or
+ * <p> {@code Callback} implementations do not retrieve or
  * display the information requested by underlying security services.
- * <code>Callback</code> implementations simply provide the means
+ * {@code Callback} implementations simply provide the means
  * to pass such requests to applications, and for applications,
  * if appropriate, to return requested information back to the
  * underlying security services.
--- a/src/share/classes/javax/security/auth/callback/CallbackHandler.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/CallbackHandler.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,7 +26,7 @@
 package javax.security.auth.callback;
 
 /**
- * <p> An application implements a <code>CallbackHandler</code> and passes
+ * <p> An application implements a {@code CallbackHandler} and passes
  * it to underlying security services so that they may interact with
  * the application to retrieve specific authentication data,
  * such as usernames and passwords, or to display certain information,
@@ -40,12 +40,12 @@
  *
  * <p> Underlying security services make requests for different types
  * of information by passing individual Callbacks to the
- * <code>CallbackHandler</code>.  The <code>CallbackHandler</code>
+ * {@code CallbackHandler}.  The {@code CallbackHandler}
  * implementation decides how to retrieve and display information
  * depending on the Callbacks passed to it.  For example,
  * if the underlying service needs a username and password to
- * authenticate a user, it uses a <code>NameCallback</code> and
- * <code>PasswordCallback</code>.  The <code>CallbackHandler</code>
+ * authenticate a user, it uses a {@code NameCallback} and
+ * {@code PasswordCallback}.  The {@code CallbackHandler}
  * can then choose to prompt for a username and password serially,
  * or to prompt for both in a single window.
  *
@@ -58,10 +58,10 @@
  * and specifies the directory where the JRE is installed.
  *
  * <p> If the security property is set to the fully qualified name of a
- * <code>CallbackHandler</code> implementation class,
- * then a <code>LoginContext</code> will load the specified
- * <code>CallbackHandler</code> and pass it to the underlying LoginModules.
- * The <code>LoginContext</code> only loads the default handler
+ * {@code CallbackHandler} implementation class,
+ * then a {@code LoginContext} will load the specified
+ * {@code CallbackHandler} and pass it to the underlying LoginModules.
+ * The {@code LoginContext} only loads the default handler
  * if it was not provided one.
  *
  * <p> All default handler implementations must provide a public
@@ -74,11 +74,11 @@
      * <p> Retrieve or display the information requested in the
      * provided Callbacks.
      *
-     * <p> The <code>handle</code> method implementation checks the
-     * instance(s) of the <code>Callback</code> object(s) passed in
+     * <p> The {@code handle} method implementation checks the
+     * instance(s) of the {@code Callback} object(s) passed in
      * to retrieve or display the requested information.
      * The following example is provided to help demonstrate what an
-     * <code>handle</code> method implementation might look like.
+     * {@code handle} method implementation might look like.
      * This example code is for guidance only.  Many details,
      * including proper error handling, are left out for simplicity.
      *
@@ -138,7 +138,7 @@
      * }
      * </pre>
      *
-     * @param callbacks an array of <code>Callback</code> objects provided
+     * @param callbacks an array of {@code Callback} objects provided
      *          by an underlying security service which contains
      *          the information requested to be retrieved or displayed.
      *
@@ -146,7 +146,7 @@
      *
      * @exception UnsupportedCallbackException if the implementation of this
      *          method does not support one or more of the Callbacks
-     *          specified in the <code>callbacks</code> parameter.
+     *          specified in the {@code callbacks} parameter.
      */
     void handle(Callback[] callbacks)
     throws java.io.IOException, UnsupportedCallbackException;
--- a/src/share/classes/javax/security/auth/callback/ChoiceCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/ChoiceCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>ChoiceCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to display a list of choices
+ * {@code ChoiceCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to display a list of choices
  * and to retrieve the selected choice(s).
  *
  * @see javax.security.auth.callback.CallbackHandler
@@ -60,13 +60,13 @@
     private boolean multipleSelectionsAllowed;
     /**
      * @serial the selected choices, represented as indexes into the
-     *          <code>choices</code> list.
+     *          {@code choices} list.
      * @since 1.4
      */
     private int[] selections;
 
     /**
-     * Construct a <code>ChoiceCallback</code> with a prompt,
+     * Construct a {@code ChoiceCallback} with a prompt,
      * a list of choices, a default choice, and a boolean specifying
      * whether or not multiple selections from the list of choices are allowed.
      *
@@ -79,21 +79,21 @@
      * @param defaultChoice the choice to be used as the default choice
      *                  when the list of choices are displayed.  This value
      *                  is represented as an index into the
-     *                  <code>choices</code> array. <p>
+     *                  {@code choices} array. <p>
      *
      * @param multipleSelectionsAllowed boolean specifying whether or
      *                  not multiple selections can be made from the
      *                  list of choices.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null,
-     *                  if <code>prompt</code> has a length of 0,
-     *                  if <code>choices</code> is null,
-     *                  if <code>choices</code> has a length of 0,
-     *                  if any element from <code>choices</code> is null,
-     *                  if any element from <code>choices</code>
-     *                  has a length of 0 or if <code>defaultChoice</code>
+     * @exception IllegalArgumentException if {@code prompt} is null,
+     *                  if {@code prompt} has a length of 0,
+     *                  if {@code choices} is null,
+     *                  if {@code choices} has a length of 0,
+     *                  if any element from {@code choices} is null,
+     *                  if any element from {@code choices}
+     *                  has a length of 0 or if {@code defaultChoice}
      *                  does not fall within the array boundaries of
-     *                  <code>choices</code>.
+     *                  {@code choices}.
      */
     public ChoiceCallback(String prompt, String[] choices,
                 int defaultChoice, boolean multipleSelectionsAllowed) {
@@ -142,7 +142,7 @@
      * <p>
      *
      * @return the defaultChoice, represented as an index into
-     *          the <code>choices</code> list.
+     *          the {@code choices} list.
      */
     public int getDefaultChoice() {
         return defaultChoice;
@@ -150,7 +150,7 @@
 
     /**
      * Get the boolean determining whether multiple selections from
-     * the <code>choices</code> list are allowed.
+     * the {@code choices} list are allowed.
      *
      * <p>
      *
@@ -166,7 +166,7 @@
      * <p>
      *
      * @param selection the selection represented as an index into the
-     *          <code>choices</code> list.
+     *          {@code choices} list.
      *
      * @see #getSelectedIndexes
      */
@@ -181,11 +181,11 @@
      * <p>
      *
      * @param selections the selections represented as indexes into the
-     *          <code>choices</code> list.
+     *          {@code choices} list.
      *
      * @exception UnsupportedOperationException if multiple selections are
      *          not allowed, as determined by
-     *          <code>allowMultipleSelections</code>.
+     *          {@code allowMultipleSelections}.
      *
      * @see #getSelectedIndexes
      */
@@ -201,7 +201,7 @@
      * <p>
      *
      * @return the selected choices, represented as indexes into the
-     *          <code>choices</code> list.
+     *          {@code choices} list.
      *
      * @see #setSelectedIndexes
      */
--- a/src/share/classes/javax/security/auth/callback/ConfirmationCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/ConfirmationCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>ConfirmationCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to ask for YES/NO,
+ * {@code ConfirmationCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to ask for YES/NO,
  * OK/CANCEL, YES/NO/CANCEL or other similar confirmations.
  *
  * @see javax.security.auth.callback.CallbackHandler
@@ -40,9 +40,9 @@
     /**
      * Unspecified option type.
      *
-     * <p> The <code>getOptionType</code> method returns this
-     * value if this <code>ConfirmationCallback</code> was instantiated
-     * with <code>options</code> instead of an <code>optionType</code>.
+     * <p> The {@code getOptionType} method returns this
+     * value if this {@code ConfirmationCallback} was instantiated
+     * with {@code options} instead of an {@code optionType}.
      */
     public static final int UNSPECIFIED_OPTION          = -1;
 
@@ -50,9 +50,9 @@
      * YES/NO confirmation option.
      *
      * <p> An underlying security service specifies this as the
-     * <code>optionType</code> to a <code>ConfirmationCallback</code>
+     * {@code optionType} to a {@code ConfirmationCallback}
      * constructor if it requires a confirmation which can be answered
-     * with either <code>YES</code> or <code>NO</code>.
+     * with either {@code YES} or {@code NO}.
      */
     public static final int YES_NO_OPTION               = 0;
 
@@ -60,9 +60,9 @@
      * YES/NO/CANCEL confirmation confirmation option.
      *
      * <p> An underlying security service specifies this as the
-     * <code>optionType</code> to a <code>ConfirmationCallback</code>
+     * {@code optionType} to a {@code ConfirmationCallback}
      * constructor if it requires a confirmation which can be answered
-     * with either <code>YES</code>, <code>NO</code> or <code>CANCEL</code>.
+     * with either {@code YES}, {@code NO} or {@code CANCEL}.
      */
     public static final int YES_NO_CANCEL_OPTION        = 1;
 
@@ -70,45 +70,45 @@
      * OK/CANCEL confirmation confirmation option.
      *
      * <p> An underlying security service specifies this as the
-     * <code>optionType</code> to a <code>ConfirmationCallback</code>
+     * {@code optionType} to a {@code ConfirmationCallback}
      * constructor if it requires a confirmation which can be answered
-     * with either <code>OK</code> or <code>CANCEL</code>.
+     * with either {@code OK} or {@code CANCEL}.
      */
     public static final int OK_CANCEL_OPTION            = 2;
 
     /**
      * YES option.
      *
-     * <p> If an <code>optionType</code> was specified to this
-     * <code>ConfirmationCallback</code>, this option may be specified as a
-     * <code>defaultOption</code> or returned as the selected index.
+     * <p> If an {@code optionType} was specified to this
+     * {@code ConfirmationCallback}, this option may be specified as a
+     * {@code defaultOption} or returned as the selected index.
      */
     public static final int YES                         = 0;
 
     /**
      * NO option.
      *
-     * <p> If an <code>optionType</code> was specified to this
-     * <code>ConfirmationCallback</code>, this option may be specified as a
-     * <code>defaultOption</code> or returned as the selected index.
+     * <p> If an {@code optionType} was specified to this
+     * {@code ConfirmationCallback}, this option may be specified as a
+     * {@code defaultOption} or returned as the selected index.
      */
     public static final int NO                          = 1;
 
     /**
      * CANCEL option.
      *
-     * <p> If an <code>optionType</code> was specified to this
-     * <code>ConfirmationCallback</code>, this option may be specified as a
-     * <code>defaultOption</code> or returned as the selected index.
+     * <p> If an {@code optionType} was specified to this
+     * {@code ConfirmationCallback}, this option may be specified as a
+     * {@code defaultOption} or returned as the selected index.
      */
     public static final int CANCEL                      = 2;
 
     /**
      * OK option.
      *
-     * <p> If an <code>optionType</code> was specified to this
-     * <code>ConfirmationCallback</code>, this option may be specified as a
-     * <code>defaultOption</code> or returned as the selected index.
+     * <p> If an {@code optionType} was specified to this
+     * {@code ConfirmationCallback}, this option may be specified as a
+     * {@code defaultOption} or returned as the selected index.
      */
     public static final int OK                          = 3;
 
@@ -152,7 +152,7 @@
     private int selection;
 
     /**
-     * Construct a <code>ConfirmationCallback</code> with a
+     * Construct a {@code ConfirmationCallback} with a
      * message type, an option type and a default option.
      *
      * <p> Underlying security services use this constructor if
@@ -161,27 +161,27 @@
      *
      * <p>
      *
-     * @param messageType the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>). <p>
+     * @param messageType the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}). <p>
      *
-     * @param optionType the option type (<code>YES_NO_OPTION</code>,
-     *                  <code>YES_NO_CANCEL_OPTION</code> or
-     *                  <code>OK_CANCEL_OPTION</code>). <p>
+     * @param optionType the option type ({@code YES_NO_OPTION},
+     *                  {@code YES_NO_CANCEL_OPTION} or
+     *                  {@code OK_CANCEL_OPTION}). <p>
      *
      * @param defaultOption the default option
-     *                  from the provided optionType (<code>YES</code>,
-     *                  <code>NO</code>, <code>CANCEL</code> or
-     *                  <code>OK</code>).
+     *                  from the provided optionType ({@code YES},
+     *                  {@code NO}, {@code CANCEL} or
+     *                  {@code OK}).
      *
      * @exception IllegalArgumentException if messageType is not either
-     *                  <code>INFORMATION</code>, <code>WARNING</code>,
-     *                  or <code>ERROR</code>, if optionType is not either
-     *                  <code>YES_NO_OPTION</code>,
-     *                  <code>YES_NO_CANCEL_OPTION</code>, or
-     *                  <code>OK_CANCEL_OPTION</code>,
-     *                  or if <code>defaultOption</code>
+     *                  {@code INFORMATION}, {@code WARNING},
+     *                  or {@code ERROR}, if optionType is not either
+     *                  {@code YES_NO_OPTION},
+     *                  {@code YES_NO_CANCEL_OPTION}, or
+     *                  {@code OK_CANCEL_OPTION},
+     *                  or if {@code defaultOption}
      *                  does not correspond to one of the options in
-     *                  <code>optionType</code>.
+     *                  {@code optionType}.
      */
     public ConfirmationCallback(int messageType,
                 int optionType, int defaultOption) {
@@ -212,35 +212,35 @@
     }
 
     /**
-     * Construct a <code>ConfirmationCallback</code> with a
+     * Construct a {@code ConfirmationCallback} with a
      * message type, a list of options and a default option.
      *
      * <p> Underlying security services use this constructor if
      * they require a confirmation different from the available preset
      * confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
-     * The confirmation options are listed in the <code>options</code> array,
-     * and are displayed by the <code>CallbackHandler</code> implementation
+     * The confirmation options are listed in the {@code options} array,
+     * and are displayed by the {@code CallbackHandler} implementation
      * in a manner consistent with the way preset options are displayed.
      *
      * <p>
      *
-     * @param messageType the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>). <p>
+     * @param messageType the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}). <p>
      *
      * @param options the list of confirmation options. <p>
      *
      * @param defaultOption the default option, represented as an index
-     *                  into the <code>options</code> array.
+     *                  into the {@code options} array.
      *
      * @exception IllegalArgumentException if messageType is not either
-     *                  <code>INFORMATION</code>, <code>WARNING</code>,
-     *                  or <code>ERROR</code>, if <code>options</code> is null,
-     *                  if <code>options</code> has a length of 0,
-     *                  if any element from <code>options</code> is null,
-     *                  if any element from <code>options</code>
-     *                  has a length of 0, or if <code>defaultOption</code>
+     *                  {@code INFORMATION}, {@code WARNING},
+     *                  or {@code ERROR}, if {@code options} is null,
+     *                  if {@code options} has a length of 0,
+     *                  if any element from {@code options} is null,
+     *                  if any element from {@code options}
+     *                  has a length of 0, or if {@code defaultOption}
      *                  does not lie within the array boundaries of
-     *                  <code>options</code>.
+     *                  {@code options}.
      */
     public ConfirmationCallback(int messageType,
                 String[] options, int defaultOption) {
@@ -261,7 +261,7 @@
     }
 
     /**
-     * Construct a <code>ConfirmationCallback</code> with a prompt,
+     * Construct a {@code ConfirmationCallback} with a prompt,
      * message type, an option type and a default option.
      *
      * <p> Underlying security services use this constructor if
@@ -272,29 +272,29 @@
      *
      * @param prompt the prompt used to describe the list of options. <p>
      *
-     * @param messageType the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>). <p>
+     * @param messageType the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}). <p>
      *
-     * @param optionType the option type (<code>YES_NO_OPTION</code>,
-     *                  <code>YES_NO_CANCEL_OPTION</code> or
-     *                  <code>OK_CANCEL_OPTION</code>). <p>
+     * @param optionType the option type ({@code YES_NO_OPTION},
+     *                  {@code YES_NO_CANCEL_OPTION} or
+     *                  {@code OK_CANCEL_OPTION}). <p>
      *
      * @param defaultOption the default option
-     *                  from the provided optionType (<code>YES</code>,
-     *                  <code>NO</code>, <code>CANCEL</code> or
-     *                  <code>OK</code>).
+     *                  from the provided optionType ({@code YES},
+     *                  {@code NO}, {@code CANCEL} or
+     *                  {@code OK}).
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null,
-     *                  if <code>prompt</code> has a length of 0,
+     * @exception IllegalArgumentException if {@code prompt} is null,
+     *                  if {@code prompt} has a length of 0,
      *                  if messageType is not either
-     *                  <code>INFORMATION</code>, <code>WARNING</code>,
-     *                  or <code>ERROR</code>, if optionType is not either
-     *                  <code>YES_NO_OPTION</code>,
-     *                  <code>YES_NO_CANCEL_OPTION</code>, or
-     *                  <code>OK_CANCEL_OPTION</code>,
-     *                  or if <code>defaultOption</code>
+     *                  {@code INFORMATION}, {@code WARNING},
+     *                  or {@code ERROR}, if optionType is not either
+     *                  {@code YES_NO_OPTION},
+     *                  {@code YES_NO_CANCEL_OPTION}, or
+     *                  {@code OK_CANCEL_OPTION},
+     *                  or if {@code defaultOption}
      *                  does not correspond to one of the options in
-     *                  <code>optionType</code>.
+     *                  {@code optionType}.
      */
     public ConfirmationCallback(String prompt, int messageType,
                 int optionType, int defaultOption) {
@@ -327,39 +327,39 @@
     }
 
     /**
-     * Construct a <code>ConfirmationCallback</code> with a prompt,
+     * Construct a {@code ConfirmationCallback} with a prompt,
      * message type, a list of options and a default option.
      *
      * <p> Underlying security services use this constructor if
      * they require a confirmation different from the available preset
      * confirmations provided (for example, CONTINUE/ABORT or STOP/GO).
-     * The confirmation options are listed in the <code>options</code> array,
-     * and are displayed by the <code>CallbackHandler</code> implementation
+     * The confirmation options are listed in the {@code options} array,
+     * and are displayed by the {@code CallbackHandler} implementation
      * in a manner consistent with the way preset options are displayed.
      *
      * <p>
      *
      * @param prompt the prompt used to describe the list of options. <p>
      *
-     * @param messageType the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>). <p>
+     * @param messageType the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}). <p>
      *
      * @param options the list of confirmation options. <p>
      *
      * @param defaultOption the default option, represented as an index
-     *                  into the <code>options</code> array.
+     *                  into the {@code options} array.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null,
-     *                  if <code>prompt</code> has a length of 0,
+     * @exception IllegalArgumentException if {@code prompt} is null,
+     *                  if {@code prompt} has a length of 0,
      *                  if messageType is not either
-     *                  <code>INFORMATION</code>, <code>WARNING</code>,
-     *                  or <code>ERROR</code>, if <code>options</code> is null,
-     *                  if <code>options</code> has a length of 0,
-     *                  if any element from <code>options</code> is null,
-     *                  if any element from <code>options</code>
-     *                  has a length of 0, or if <code>defaultOption</code>
+     *                  {@code INFORMATION}, {@code WARNING},
+     *                  or {@code ERROR}, if {@code options} is null,
+     *                  if {@code options} has a length of 0,
+     *                  if any element from {@code options} is null,
+     *                  if any element from {@code options}
+     *                  has a length of 0, or if {@code defaultOption}
      *                  does not lie within the array boundaries of
-     *                  <code>options</code>.
+     *                  {@code options}.
      */
     public ConfirmationCallback(String prompt, int messageType,
                 String[] options, int defaultOption) {
@@ -386,8 +386,8 @@
      *
      * <p>
      *
-     * @return the prompt, or null if this <code>ConfirmationCallback</code>
-     *          was instantiated without a <code>prompt</code>.
+     * @return the prompt, or null if this {@code ConfirmationCallback}
+     *          was instantiated without a {@code prompt}.
      */
     public String getPrompt() {
         return prompt;
@@ -398,8 +398,8 @@
      *
      * <p>
      *
-     * @return the message type (<code>INFORMATION</code>,
-     *          <code>WARNING</code> or <code>ERROR</code>).
+     * @return the message type ({@code INFORMATION},
+     *          {@code WARNING} or {@code ERROR}).
      */
     public int getMessageType() {
         return messageType;
@@ -408,20 +408,20 @@
     /**
      * Get the option type.
      *
-     * <p> If this method returns <code>UNSPECIFIED_OPTION</code>, then this
-     * <code>ConfirmationCallback</code> was instantiated with
-     * <code>options</code> instead of an <code>optionType</code>.
-     * In this case, invoke the <code>getOptions</code> method
+     * <p> If this method returns {@code UNSPECIFIED_OPTION}, then this
+     * {@code ConfirmationCallback} was instantiated with
+     * {@code options} instead of an {@code optionType}.
+     * In this case, invoke the {@code getOptions} method
      * to determine which confirmation options to display.
      *
      * <p>
      *
-     * @return the option type (<code>YES_NO_OPTION</code>,
-     *          <code>YES_NO_CANCEL_OPTION</code> or
-     *          <code>OK_CANCEL_OPTION</code>), or
-     *          <code>UNSPECIFIED_OPTION</code> if this
-     *          <code>ConfirmationCallback</code> was instantiated with
-     *          <code>options</code> instead of an <code>optionType</code>.
+     * @return the option type ({@code YES_NO_OPTION},
+     *          {@code YES_NO_CANCEL_OPTION} or
+     *          {@code OK_CANCEL_OPTION}), or
+     *          {@code UNSPECIFIED_OPTION} if this
+     *          {@code ConfirmationCallback} was instantiated with
+     *          {@code options} instead of an {@code optionType}.
      */
     public int getOptionType() {
         return optionType;
@@ -433,8 +433,8 @@
      * <p>
      *
      * @return the list of confirmation options, or null if this
-     *          <code>ConfirmationCallback</code> was instantiated with
-     *          an <code>optionType</code> instead of <code>options</code>.
+     *          {@code ConfirmationCallback} was instantiated with
+     *          an {@code optionType} instead of {@code options}.
      */
     public String[] getOptions() {
         return options;
@@ -446,14 +446,14 @@
      * <p>
      *
      * @return the default option, represented as
-     *          <code>YES</code>, <code>NO</code>, <code>OK</code> or
-     *          <code>CANCEL</code> if an <code>optionType</code>
+     *          {@code YES}, {@code NO}, {@code OK} or
+     *          {@code CANCEL} if an {@code optionType}
      *          was specified to the constructor of this
-     *          <code>ConfirmationCallback</code>.
+     *          {@code ConfirmationCallback}.
      *          Otherwise, this method returns the default option as
      *          an index into the
-     *          <code>options</code> array specified to the constructor
-     *          of this <code>ConfirmationCallback</code>.
+     *          {@code options} array specified to the constructor
+     *          of this {@code ConfirmationCallback}.
      */
     public int getDefaultOption() {
         return defaultOption;
@@ -464,13 +464,13 @@
      *
      * <p>
      *
-     * @param selection the selection represented as <code>YES</code>,
-     *          <code>NO</code>, <code>OK</code> or <code>CANCEL</code>
-     *          if an <code>optionType</code> was specified to the constructor
-     *          of this <code>ConfirmationCallback</code>.
+     * @param selection the selection represented as {@code YES},
+     *          {@code NO}, {@code OK} or {@code CANCEL}
+     *          if an {@code optionType} was specified to the constructor
+     *          of this {@code ConfirmationCallback}.
      *          Otherwise, the selection represents the index into the
-     *          <code>options</code> array specified to the constructor
-     *          of this <code>ConfirmationCallback</code>.
+     *          {@code options} array specified to the constructor
+     *          of this {@code ConfirmationCallback}.
      *
      * @see #getSelectedIndex
      */
@@ -484,14 +484,14 @@
      * <p>
      *
      * @return the selected confirmation option represented as
-     *          <code>YES</code>, <code>NO</code>, <code>OK</code> or
-     *          <code>CANCEL</code> if an <code>optionType</code>
+     *          {@code YES}, {@code NO}, {@code OK} or
+     *          {@code CANCEL} if an {@code optionType}
      *          was specified to the constructor of this
-     *          <code>ConfirmationCallback</code>.
+     *          {@code ConfirmationCallback}.
      *          Otherwise, this method returns the selected confirmation
      *          option as an index into the
-     *          <code>options</code> array specified to the constructor
-     *          of this <code>ConfirmationCallback</code>.
+     *          {@code options} array specified to the constructor
+     *          of this {@code ConfirmationCallback}.
      *
      * @see #setSelectedIndex
      */
--- a/src/share/classes/javax/security/auth/callback/LanguageCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/LanguageCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,8 +29,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>LanguageCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to retrieve the <code>Locale</code>
+ * {@code LanguageCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to retrieve the {@code Locale}
  * used for localizing text.
  *
  * @see javax.security.auth.callback.CallbackHandler
@@ -46,16 +46,16 @@
     private Locale locale;
 
     /**
-     * Construct a <code>LanguageCallback</code>.
+     * Construct a {@code LanguageCallback}.
      */
     public LanguageCallback() { }
 
     /**
-     * Set the retrieved <code>Locale</code>.
+     * Set the retrieved {@code Locale}.
      *
      * <p>
      *
-     * @param locale the retrieved <code>Locale</code>.
+     * @param locale the retrieved {@code Locale}.
      *
      * @see #getLocale
      */
@@ -64,12 +64,12 @@
     }
 
     /**
-     * Get the retrieved <code>Locale</code>.
+     * Get the retrieved {@code Locale}.
      *
      * <p>
      *
-     * @return the retrieved <code>Locale</code>, or null
-     *          if no <code>Locale</code> could be retrieved.
+     * @return the retrieved {@code Locale}, or null
+     *          if no {@code Locale} could be retrieved.
      *
      * @see #setLocale
      */
--- a/src/share/classes/javax/security/auth/callback/NameCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/NameCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>NameCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to retrieve name information.
+ * {@code NameCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to retrieve name information.
  *
  * @see javax.security.auth.callback.CallbackHandler
  */
@@ -53,14 +53,14 @@
     private String inputName;
 
     /**
-     * Construct a <code>NameCallback</code> with a prompt.
+     * Construct a {@code NameCallback} with a prompt.
      *
      * <p>
      *
      * @param prompt the prompt used to request the name.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null
-     *                  or if <code>prompt</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code prompt} is null
+     *                  or if {@code prompt} has a length of 0.
      */
     public NameCallback(String prompt) {
         if (prompt == null || prompt.length() == 0)
@@ -69,7 +69,7 @@
     }
 
     /**
-     * Construct a <code>NameCallback</code> with a prompt
+     * Construct a {@code NameCallback} with a prompt
      * and default name.
      *
      * <p>
@@ -79,10 +79,10 @@
      * @param defaultName the name to be used as the default name displayed
      *                  with the prompt.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null,
-     *                  if <code>prompt</code> has a length of 0,
-     *                  if <code>defaultName</code> is null,
-     *                  or if <code>defaultName</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code prompt} is null,
+     *                  if {@code prompt} has a length of 0,
+     *                  if {@code defaultName} is null,
+     *                  or if {@code defaultName} has a length of 0.
      */
     public NameCallback(String prompt, String defaultName) {
         if (prompt == null || prompt.length() == 0 ||
@@ -109,8 +109,8 @@
      *
      * <p>
      *
-     * @return the default name, or null if this <code>NameCallback</code>
-     *          was not instantiated with a <code>defaultName</code>.
+     * @return the default name, or null if this {@code NameCallback}
+     *          was not instantiated with a {@code defaultName}.
      */
     public String getDefaultName() {
         return defaultName;
--- a/src/share/classes/javax/security/auth/callback/PasswordCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/PasswordCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>PasswordCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to retrieve password information.
+ * {@code PasswordCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to retrieve password information.
  *
  * @see javax.security.auth.callback.CallbackHandler
  */
@@ -53,7 +53,7 @@
     private char[] inputPassword;
 
     /**
-     * Construct a <code>PasswordCallback</code> with a prompt
+     * Construct a {@code PasswordCallback} with a prompt
      * and a boolean specifying whether the password should be displayed
      * as it is being typed.
      *
@@ -64,8 +64,8 @@
      * @param echoOn true if the password should be displayed
      *                  as it is being typed.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null or
-     *                  if <code>prompt</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code prompt} is null or
+     *                  if {@code prompt} has a length of 0.
      */
     public PasswordCallback(String prompt, boolean echoOn) {
         if (prompt == null || prompt.length() == 0)
--- a/src/share/classes/javax/security/auth/callback/TextInputCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/TextInputCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>TextInputCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to retrieve generic text
+ * {@code TextInputCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to retrieve generic text
  * information.
  *
  * @see javax.security.auth.callback.CallbackHandler
@@ -54,14 +54,14 @@
     private String inputText;
 
     /**
-     * Construct a <code>TextInputCallback</code> with a prompt.
+     * Construct a {@code TextInputCallback} with a prompt.
      *
      * <p>
      *
      * @param prompt the prompt used to request the information.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null
-     *                  or if <code>prompt</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code prompt} is null
+     *                  or if {@code prompt} has a length of 0.
      */
     public TextInputCallback(String prompt) {
         if (prompt == null || prompt.length() == 0)
@@ -70,7 +70,7 @@
     }
 
     /**
-     * Construct a <code>TextInputCallback</code> with a prompt
+     * Construct a {@code TextInputCallback} with a prompt
      * and default input value.
      *
      * <p>
@@ -80,10 +80,10 @@
      * @param defaultText the text to be used as the default text displayed
      *                  with the prompt.
      *
-     * @exception IllegalArgumentException if <code>prompt</code> is null,
-     *                  if <code>prompt</code> has a length of 0,
-     *                  if <code>defaultText</code> is null
-     *                  or if <code>defaultText</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code prompt} is null,
+     *                  if {@code prompt} has a length of 0,
+     *                  if {@code defaultText} is null
+     *                  or if {@code defaultText} has a length of 0.
      */
     public TextInputCallback(String prompt, String defaultText) {
         if (prompt == null || prompt.length() == 0 ||
@@ -110,8 +110,8 @@
      *
      * <p>
      *
-     * @return the default text, or null if this <code>TextInputCallback</code>
-     *          was not instantiated with <code>defaultText</code>.
+     * @return the default text, or null if this {@code TextInputCallback}
+     *          was not instantiated with {@code defaultText}.
      */
     public String getDefaultText() {
         return defaultText;
--- a/src/share/classes/javax/security/auth/callback/TextOutputCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/TextOutputCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,8 +27,8 @@
 
 /**
  * <p> Underlying security services instantiate and pass a
- * <code>TextOutputCallback</code> to the <code>handle</code>
- * method of a <code>CallbackHandler</code> to display information messages,
+ * {@code TextOutputCallback} to the {@code handle}
+ * method of a {@code CallbackHandler} to display information messages,
  * warning messages and error messages.
  *
  * @see javax.security.auth.callback.CallbackHandler
@@ -61,16 +61,16 @@
      *
      * <p>
      *
-     * @param messageType the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>). <p>
+     * @param messageType the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}). <p>
      *
      * @param message the message to be displayed. <p>
      *
-     * @exception IllegalArgumentException if <code>messageType</code>
-     *                  is not either <code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>,
-     *                  if <code>message</code> is null,
-     *                  or if <code>message</code> has a length of 0.
+     * @exception IllegalArgumentException if {@code messageType}
+     *                  is not either {@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR},
+     *                  if {@code message} is null,
+     *                  or if {@code message} has a length of 0.
      */
     public TextOutputCallback(int messageType, String message) {
         if ((messageType != INFORMATION &&
@@ -87,8 +87,8 @@
      *
      * <p>
      *
-     * @return the message type (<code>INFORMATION</code>,
-     *                  <code>WARNING</code> or <code>ERROR</code>).
+     * @return the message type ({@code INFORMATION},
+     *                  {@code WARNING} or {@code ERROR}).
      */
     public int getMessageType() {
         return messageType;
--- a/src/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/callback/UnsupportedCallbackException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,8 +26,8 @@
 package javax.security.auth.callback;
 
 /**
- * Signals that a <code>CallbackHandler</code> does not
- * recognize a particular <code>Callback</code>.
+ * Signals that a {@code CallbackHandler} does not
+ * recognize a particular {@code Callback}.
  *
  */
 public class UnsupportedCallbackException extends Exception {
@@ -40,12 +40,12 @@
     private Callback callback;
 
     /**
-     * Constructs a <code>UnsupportedCallbackException</code>
+     * Constructs a {@code UnsupportedCallbackException}
      * with no detail message.
      *
      * <p>
      *
-     * @param callback the unrecognized <code>Callback</code>.
+     * @param callback the unrecognized {@code Callback}.
      */
     public UnsupportedCallbackException(Callback callback) {
         super();
@@ -59,7 +59,7 @@
      *
      * <p>
      *
-     * @param callback the unrecognized <code>Callback</code>. <p>
+     * @param callback the unrecognized {@code Callback}. <p>
      *
      * @param msg the detail message.
      */
@@ -69,11 +69,11 @@
     }
 
     /**
-     * Get the unrecognized <code>Callback</code>.
+     * Get the unrecognized {@code Callback}.
      *
      * <p>
      *
-     * @return the unrecognized <code>Callback</code>.
+     * @return the unrecognized {@code Callback}.
      */
     public Callback getCallback() {
         return callback;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/callback/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package provides the classes necessary for services
+ * to interact with applications in order to retrieve
+ * information (authentication data including usernames
+ * or passwords, for example) or to display information
+ * (error and warning messages, for example).
+ *
+ * @since JDK1.4
+ */
+package javax.security.auth.callback;
--- a/src/share/classes/javax/security/auth/callback/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,57 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-	This package provides the classes necessary for services
- 	to interact with applications in order to retrieve 
- 	information (authentication data including usernames
- 	or passwords, for example) or to display information
- 	(error and warning messages, for example).
-
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since JDK1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,7 +38,7 @@
  * This class is used to restrict the usage of the Kerberos
  * delegation model, ie: forwardable and proxiable tickets.
  * <p>
- * The target name of this <code>Permission</code> specifies a pair of
+ * The target name of this {@code Permission} specifies a pair of
  * kerberos service principals. The first is the subordinate service principal
  * being entrusted to use the TGT. The second service principal designates
  * the target service the subordinate service principal is to
@@ -71,15 +71,15 @@
     private transient String subordinate, service;
 
     /**
-     * Create a new <code>DelegationPermission</code>
+     * Create a new {@code DelegationPermission}
      * with the specified subordinate and target principals.
      *
      * <p>
      *
      * @param principals the name of the subordinate and target principals
      *
-     * @throws NullPointerException if <code>principals</code> is <code>null</code>.
-     * @throws IllegalArgumentException if <code>principals</code> is empty.
+     * @throws NullPointerException if {@code principals} is {@code null}.
+     * @throws IllegalArgumentException if {@code principals} is empty.
      */
     public DelegationPermission(String principals) {
         super(principals);
@@ -87,7 +87,7 @@
     }
 
     /**
-     * Create a new <code>DelegationPermission</code>
+     * Create a new {@code DelegationPermission}
      * with the specified subordinate and target principals.
      * <p>
      *
@@ -95,8 +95,8 @@
      * <p>
      * @param actions should be null.
      *
-     * @throws NullPointerException if <code>principals</code> is <code>null</code>.
-     * @throws IllegalArgumentException if <code>principals</code> is empty.
+     * @throws NullPointerException if {@code principals} is {@code null}.
+     * @throws IllegalArgumentException if {@code principals} is empty.
      */
     public DelegationPermission(String principals, String actions) {
         super(principals, actions);
@@ -134,7 +134,7 @@
      * Checks if this Kerberos delegation permission object "implies" the
      * specified permission.
      * <P>
-     * If none of the above are true, <code>implies</code> returns false.
+     * If none of the above are true, {@code implies} returns false.
      * @param p the permission to check against.
      *
      * @return true if the specified permission is implied by this object,
--- a/src/share/classes/javax/security/auth/kerberos/KerberosKey.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/KerberosKey.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -76,7 +76,7 @@
     private int versionNum;
 
    /**
-    * <code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes
+    * {@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
     * of the encryption key.
     * The ASN1 encoding is defined in RFC4120 and as  follows:
     * <pre>
@@ -241,7 +241,7 @@
     /**
      * Returns a hashcode for this KerberosKey.
      *
-     * @return a hashCode() for the <code>KerberosKey</code>
+     * @return a hashCode() for the {@code KerberosKey}
      * @since 1.6
      */
     public int hashCode() {
@@ -260,8 +260,8 @@
     /**
      * Compares the specified Object with this KerberosKey for equality.
      * Returns true if the given object is also a
-     * <code>KerberosKey</code> and the two
-     * <code>KerberosKey</code> instances are equivalent.
+     * {@code KerberosKey} and the two
+     * {@code KerberosKey} instances are equivalent.
      *
      * @param other the Object to compare to
      * @return true if the specified object is equal to this KerberosKey,
--- a/src/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -184,11 +184,11 @@
     /**
      * Returns a hashcode for this principal. The hash code is defined to
      * be the result of the following  calculation:
-     * <pre><code>
+     * <pre>{@code
      *  hashCode = getName().hashCode();
-     * </code></pre>
+     * }</pre>
      *
-     * @return a hashCode() for the <code>KerberosPrincipal</code>
+     * @return a hashCode() for the {@code KerberosPrincipal}
      */
     public int hashCode() {
         return getName().hashCode();
@@ -197,11 +197,11 @@
     /**
      * Compares the specified Object with this Principal for equality.
      * Returns true if the given object is also a
-     * <code>KerberosPrincipal</code> and the two
-     * <code>KerberosPrincipal</code> instances are equivalent.
-     * More formally two <code>KerberosPrincipal</code> instances are equal
-     * if the values returned by <code>getName()</code> are equal and the
-     * values returned by <code>getNameType()</code> are equal.
+     * {@code KerberosPrincipal} and the two
+     * {@code KerberosPrincipal} instances are equivalent.
+     * More formally two {@code KerberosPrincipal} instances are equal
+     * if the values returned by {@code getName()} are equal and the
+     * values returned by {@code getNameType()} are equal.
      *
      * @param other the Object to compare to
      * @return true if the Object passed in represents the same principal
@@ -228,7 +228,7 @@
     /**
      * Save the KerberosPrincipal object to a stream
      *
-     * @serialData this <code>KerberosPrincipal</code> is serialized
+     * @serialData this {@code KerberosPrincipal} is serialized
      *          by writing out the PrincipalName and the
      *          realm in their DER-encoded form as specified in Section 5.2.2 of
      *          <a href=http://www.ietf.org/rfc/rfc4120.txt> RFC4120</a>.
--- a/src/share/classes/javax/security/auth/kerberos/KerberosTicket.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/KerberosTicket.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -103,7 +103,7 @@
     private byte[] asn1Encoding;
 
     /**
-     *<code>KeyImpl</code> is serialized by writing out the ASN1 Encoded bytes
+     *{@code KeyImpl} is serialized by writing out the ASN1 Encoded bytes
      * of the encryption key. The ASN1 encoding is defined in RFC4120 and as
      * follows:
      * <pre>
@@ -667,7 +667,7 @@
     /**
      * Returns a hashcode for this KerberosTicket.
      *
-     * @return a hashCode() for the <code>KerberosTicket</code>
+     * @return a hashCode() for the {@code KerberosTicket}
      * @since 1.6
      */
     public int hashCode() {
@@ -704,8 +704,8 @@
     /**
      * Compares the specified Object with this KerberosTicket for equality.
      * Returns true if the given object is also a
-     * <code>KerberosTicket</code> and the two
-     * <code>KerberosTicket</code> instances are equivalent.
+     * {@code KerberosTicket} and the two
+     * {@code KerberosTicket} instances are equivalent.
      *
      * @param other the Object to compare to
      * @return true if the specified object is equal to this KerberosTicket,
--- a/src/share/classes/javax/security/auth/kerberos/KeyImpl.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/KeyImpl.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -166,7 +166,7 @@
     }
 
     /**
-     * @serialData this <code>KeyImpl</code> is serialized by
+     * @serialData this {@code KeyImpl} is serialized by
      * writing out the ASN1 Encoded bytes of the encryption key.
      * The ASN1 encoding is defined in RFC4120 and as  follows:
      * EncryptionKey   ::= SEQUENCE {
--- a/src/share/classes/javax/security/auth/kerberos/KeyTab.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/KeyTab.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -214,7 +214,7 @@
     /**
      * Returns a hashcode for this KeyTab.
      *
-     * @return a hashCode() for the <code>KeyTab</code>
+     * @return a hashCode() for the {@code KeyTab}
      */
     public int hashCode() {
         return Objects.hash(file);
@@ -223,8 +223,8 @@
     /**
      * Compares the specified Object with this KeyTab for equality.
      * Returns true if the given object is also a
-     * <code>KeyTab</code> and the two
-     * <code>KeyTab</code> instances are equivalent.
+     * {@code KeyTab} and the two
+     * {@code KeyTab} instances are equivalent.
      *
      * @param other the Object to compare to
      * @return true if the specified object is equal to this KeyTab
--- a/src/share/classes/javax/security/auth/kerberos/ServicePermission.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/ServicePermission.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -135,9 +135,9 @@
                             // created and re-used in the getAction function.
 
     /**
-     * Create a new <code>ServicePermission</code>
-     * with the specified <code>servicePrincipal</code>
-     * and <code>action</code>.
+     * Create a new {@code ServicePermission}
+     * with the specified {@code servicePrincipal}
+     * and {@code action}.
      *
      * @param servicePrincipal the name of the service principal.
      * An asterisk may appear by itself, to signify any service principal.
@@ -172,7 +172,7 @@
      * Checks if this Kerberos service permission object "implies" the
      * specified permission.
      * <P>
-     * If none of the above are true, <code>implies</code> returns false.
+     * If none of the above are true, {@code implies} returns false.
      * @param p the permission to check against.
      *
      * @return true if the specified permission is implied by this object,
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/kerberos/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package contains utility classes related to the Kerberos network
+ * authentication protocol. They do not provide much Kerberos support
+ * themselves.<p>
+ *
+ * The Kerberos network authentication protocol is defined in
+ * <a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
+ * platform contains support for the client side of Kerberos via the
+ * {@link org.ietf.jgss} package. There might also be
+ * a login module that implements
+ * {@link javax.security.auth.spi.LoginModule LoginModule} to authenticate
+ * Kerberos principals.<p>
+ *
+ * You can provide the name of your default realm and Key Distribution
+ * Center (KDC) host for that realm using the system properties
+ * {@code java.security.krb5.realm} and {@code java.security.krb5.kdc}.
+ * Both properties must be set.
+ * Alternatively, you can provide an MIT style configuration file called
+ * {@code krb5.conf} in {@code <java-home>/lib/security}. If you place this
+ * file elsewhere, you can indicate that location via the system property
+ * {@code java.security.krb5.conf}.<p>
+ *
+ * @since JDK1.4
+ */
+package javax.security.auth.kerberos;
--- a/src/share/classes/javax/security/auth/kerberos/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,69 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-    This package contains utility classes related to the Kerberos network
-    authentication protocol. They do not provide much Kerberos support
-    themselves.<p>
-
-    The Kerberos network authentication protocol is defined in 
-    <a href=http://www.ietf.org/rfc/rfc4120.txt>RFC 4120</a>. The Java
-    platform contains support for the client side of Kerberos via the 
-    {@link org.ietf.jgss} package. There might also be 
-    a login module that implements
-    {@link javax.security.auth.spi.LoginModule LoginModule} to authenticate 
-    Kerberos principals.<p>
-
-    You can provide the name of your default realm and Key Distribution
-    Center (KDC) host for that realm using the system properties
-    java.security.krb5.realm and java.security.krb5.kdc. Alternatively, you 
-    can provide an MIT style configuration file called krb5.conf in
-    &lt;java-home&gt;/lib/security. If you place this file elsewhere, you can
-    indicate that location via the system property java.security.krb5.conf.<p>
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since JDK1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/auth/login/AccountExpiredException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/AccountExpiredException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,9 +29,9 @@
  * Signals that a user account has expired.
  *
  * <p> This exception is thrown by LoginModules when they determine
- * that an account has expired.  For example, a <code>LoginModule</code>,
+ * that an account has expired.  For example, a {@code LoginModule},
  * after successfully authenticating a user, may determine that the
- * user's account has expired.  In this case the <code>LoginModule</code>
+ * user's account has expired.  In this case the {@code LoginModule}
  * throws this exception to notify the application.  The application can
  * then take the appropriate steps to notify the user.
  *
--- a/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,14 +29,14 @@
 import java.util.Collections;
 
 /**
- * This class represents a single <code>LoginModule</code> entry
+ * This class represents a single {@code LoginModule} entry
  * configured for the application specified in the
- * <code>getAppConfigurationEntry(String appName)</code>
- * method in the <code>Configuration</code> class.  Each respective
- * <code>AppConfigurationEntry</code> contains a <code>LoginModule</code> name,
- * a control flag (specifying whether this <code>LoginModule</code> is
+ * {@code getAppConfigurationEntry(String appName)}
+ * method in the {@code Configuration} class.  Each respective
+ * {@code AppConfigurationEntry} contains a {@code LoginModule} name,
+ * a control flag (specifying whether this {@code LoginModule} is
  * REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL), and LoginModule-specific
- * options.  Please refer to the <code>Configuration</code> class for
+ * options.  Please refer to the {@code Configuration} class for
  * more information on the different control flags and their semantics.
  *
  * @see javax.security.auth.login.Configuration
@@ -50,25 +50,25 @@
     /**
      * Default constructor for this class.
      *
-     * <p> This entry represents a single <code>LoginModule</code>
+     * <p> This entry represents a single {@code LoginModule}
      * entry configured for the application specified in the
-     * <code>getAppConfigurationEntry(String appName)</code>
-     * method from the <code>Configuration</code> class.
+     * {@code getAppConfigurationEntry(String appName)}
+     * method from the {@code Configuration} class.
      *
      * @param loginModuleName String representing the class name of the
-     *                  <code>LoginModule</code> configured for the
+     *                  {@code LoginModule} configured for the
      *                  specified application. <p>
      *
      * @param controlFlag either REQUIRED, REQUISITE, SUFFICIENT,
      *                  or OPTIONAL. <p>
      *
-     * @param options the options configured for this <code>LoginModule</code>.
+     * @param options the options configured for this {@code LoginModule}.
      *
-     * @exception IllegalArgumentException if <code>loginModuleName</code>
-     *                  is null, if <code>LoginModuleName</code>
-     *                  has a length of 0, if <code>controlFlag</code>
+     * @exception IllegalArgumentException if {@code loginModuleName}
+     *                  is null, if {@code LoginModuleName}
+     *                  has a length of 0, if {@code controlFlag}
      *                  is not either REQUIRED, REQUISITE, SUFFICIENT
-     *                  or OPTIONAL, or if <code>options</code> is null.
+     *                  or OPTIONAL, or if {@code options} is null.
      */
     public AppConfigurationEntry(String loginModuleName,
                                 LoginModuleControlFlag controlFlag,
@@ -88,9 +88,9 @@
     }
 
     /**
-     * Get the class name of the configured <code>LoginModule</code>.
+     * Get the class name of the configured {@code LoginModule}.
      *
-     * @return the class name of the configured <code>LoginModule</code> as
+     * @return the class name of the configured {@code LoginModule} as
      *          a String.
      */
     public String getLoginModuleName() {
@@ -100,28 +100,28 @@
     /**
      * Return the controlFlag
      * (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
-     * for this <code>LoginModule</code>.
+     * for this {@code LoginModule}.
      *
      * @return the controlFlag
      *          (either REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL)
-     *          for this <code>LoginModule</code>.
+     *          for this {@code LoginModule}.
      */
     public LoginModuleControlFlag getControlFlag() {
         return controlFlag;
     }
 
     /**
-     * Get the options configured for this <code>LoginModule</code>.
+     * Get the options configured for this {@code LoginModule}.
      *
-     * @return the options configured for this <code>LoginModule</code>
-     *          as an unmodifiable <code>Map</code>.
+     * @return the options configured for this {@code LoginModule}
+     *          as an unmodifiable {@code Map}.
      */
     public Map<String,?> getOptions() {
         return options;
     }
 
     /**
-     * This class represents whether or not a <code>LoginModule</code>
+     * This class represents whether or not a {@code LoginModule}
      * is REQUIRED, REQUISITE, SUFFICIENT or OPTIONAL.
      */
     public static class LoginModuleControlFlag {
@@ -129,25 +129,25 @@
         private String controlFlag;
 
         /**
-         * Required <code>LoginModule</code>.
+         * Required {@code LoginModule}.
          */
         public static final LoginModuleControlFlag REQUIRED =
                                 new LoginModuleControlFlag("required");
 
         /**
-         * Requisite <code>LoginModule</code>.
+         * Requisite {@code LoginModule}.
          */
         public static final LoginModuleControlFlag REQUISITE =
                                 new LoginModuleControlFlag("requisite");
 
         /**
-         * Sufficient <code>LoginModule</code>.
+         * Sufficient {@code LoginModule}.
          */
         public static final LoginModuleControlFlag SUFFICIENT =
                                 new LoginModuleControlFlag("sufficient");
 
         /**
-         * Optional <code>LoginModule</code>.
+         * Optional {@code LoginModule}.
          */
         public static final LoginModuleControlFlag OPTIONAL =
                                 new LoginModuleControlFlag("optional");
--- a/src/share/classes/javax/security/auth/login/Configuration.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/Configuration.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -46,9 +46,9 @@
  *
  * <p> A login configuration contains the following information.
  * Note that this example only represents the default syntax for the
- * <code>Configuration</code>.  Subclass implementations of this class
+ * {@code Configuration}.  Subclass implementations of this class
  * may implement alternative syntaxes and may retrieve the
- * <code>Configuration</code> from any source such as files, databases,
+ * {@code Configuration} from any source such as files, databases,
  * or servers.
  *
  * <pre>
@@ -67,9 +67,9 @@
  *      };
  * </pre>
  *
- * <p> Each entry in the <code>Configuration</code> is indexed via an
+ * <p> Each entry in the {@code Configuration} is indexed via an
  * application name, <i>Name</i>, and contains a list of
- * LoginModules configured for that application.  Each <code>LoginModule</code>
+ * LoginModules configured for that application.  Each {@code LoginModule}
  * is specified via its fully qualified class name.
  * Authentication proceeds down the module list in the exact order specified.
  * If an application does not have specific entry,
@@ -80,55 +80,55 @@
  * valid values for <i>Flag</i> and their respective semantics:
  *
  * <pre>
- *      1) Required     - The <code>LoginModule</code> is required to succeed.
+ *      1) Required     - The {@code LoginModule} is required to succeed.
  *                      If it succeeds or fails, authentication still continues
- *                      to proceed down the <code>LoginModule</code> list.
+ *                      to proceed down the {@code LoginModule} list.
  *
- *      2) Requisite    - The <code>LoginModule</code> is required to succeed.
+ *      2) Requisite    - The {@code LoginModule} is required to succeed.
  *                      If it succeeds, authentication continues down the
- *                      <code>LoginModule</code> list.  If it fails,
+ *                      {@code LoginModule} list.  If it fails,
  *                      control immediately returns to the application
  *                      (authentication does not proceed down the
- *                      <code>LoginModule</code> list).
+ *                      {@code LoginModule} list).
  *
- *      3) Sufficient   - The <code>LoginModule</code> is not required to
+ *      3) Sufficient   - The {@code LoginModule} is not required to
  *                      succeed.  If it does succeed, control immediately
  *                      returns to the application (authentication does not
- *                      proceed down the <code>LoginModule</code> list).
+ *                      proceed down the {@code LoginModule} list).
  *                      If it fails, authentication continues down the
- *                      <code>LoginModule</code> list.
+ *                      {@code LoginModule} list.
  *
- *      4) Optional     - The <code>LoginModule</code> is not required to
+ *      4) Optional     - The {@code LoginModule} is not required to
  *                      succeed.  If it succeeds or fails,
  *                      authentication still continues to proceed down the
- *                      <code>LoginModule</code> list.
+ *                      {@code LoginModule} list.
  * </pre>
  *
  * <p> The overall authentication succeeds only if all <i>Required</i> and
  * <i>Requisite</i> LoginModules succeed.  If a <i>Sufficient</i>
- * <code>LoginModule</code> is configured and succeeds,
+ * {@code LoginModule} is configured and succeeds,
  * then only the <i>Required</i> and <i>Requisite</i> LoginModules prior to
- * that <i>Sufficient</i> <code>LoginModule</code> need to have succeeded for
+ * that <i>Sufficient</i> {@code LoginModule} need to have succeeded for
  * the overall authentication to succeed. If no <i>Required</i> or
  * <i>Requisite</i> LoginModules are configured for an application,
  * then at least one <i>Sufficient</i> or <i>Optional</i>
- * <code>LoginModule</code> must succeed.
+ * {@code LoginModule} must succeed.
  *
  * <p> <i>ModuleOptions</i> is a space separated list of
- * <code>LoginModule</code>-specific values which are passed directly to
+ * {@code LoginModule}-specific values which are passed directly to
  * the underlying LoginModules.  Options are defined by the
- * <code>LoginModule</code> itself, and control the behavior within it.
- * For example, a <code>LoginModule</code> may define options to support
+ * {@code LoginModule} itself, and control the behavior within it.
+ * For example, a {@code LoginModule} may define options to support
  * debugging/testing capabilities.  The correct way to specify options in the
- * <code>Configuration</code> is by using the following key-value pairing:
+ * {@code Configuration} is by using the following key-value pairing:
  * <i>debug="true"</i>.  The key and value should be separated by an
  * 'equals' symbol, and the value should be surrounded by double quotes.
  * If a String in the form, ${system.property}, occurs in the value,
  * it will be expanded to the value of the system property.
  * Note that there is no limit to the number of
- * options a <code>LoginModule</code> may define.
+ * options a {@code LoginModule} may define.
  *
- * <p> The following represents an example <code>Configuration</code> entry
+ * <p> The following represents an example {@code Configuration} entry
  * based on the syntax above:
  *
  * <pre>
@@ -140,7 +140,7 @@
  * };
  * </pre>
  *
- * <p> This <code>Configuration</code> specifies that an application named,
+ * <p> This {@code Configuration} specifies that an application named,
  * "Login", requires users to first authenticate to the
  * <i>com.sun.security.auth.module.UnixLoginModule</i>, which is
  * required to succeed.  Even if the <i>UnixLoginModule</i>
@@ -162,11 +162,11 @@
  *
  * <p> There is only one Configuration object installed in the runtime at any
  * given time.  A Configuration object can be installed by calling the
- * <code>setConfiguration</code> method.  The installed Configuration object
- * can be obtained by calling the <code>getConfiguration</code> method.
+ * {@code setConfiguration} method.  The installed Configuration object
+ * can be obtained by calling the {@code getConfiguration} method.
  *
  * <p> If no Configuration object has been installed in the runtime, a call to
- * <code>getConfiguration</code> installs an instance of the default
+ * {@code getConfiguration} installs an instance of the default
  * Configuration implementation (a default subclass implementation of this
  * abstract class).
  * The default Configuration implementation can be changed by setting the value
@@ -179,7 +179,7 @@
  *
  * <p> Application code can directly subclass Configuration to provide a custom
  * implementation.  In addition, an instance of a Configuration object can be
- * constructed by invoking one of the <code>getInstance</code> factory methods
+ * constructed by invoking one of the {@code getInstance} factory methods
  * with a standard type.  The default policy type is "JavaLoginConfig".
  * See the Configuration section in the <a href=
  * "{@docRoot}/../technotes/guides/security/StandardNames.html#Configuration">
@@ -215,7 +215,7 @@
      * <p>
      *
      * @return the login Configuration.  If a Configuration object was set
-     *          via the <code>Configuration.setConfiguration</code> method,
+     *          via the {@code Configuration.setConfiguration} method,
      *          then that object is returned.  Otherwise, a default
      *          Configuration object is returned.
      *
@@ -288,14 +288,14 @@
     }
 
     /**
-     * Set the login <code>Configuration</code>.
+     * Set the login {@code Configuration}.
      *
      * <p>
      *
-     * @param configuration the new <code>Configuration</code>
+     * @param configuration the new {@code Configuration}
      *
      * @exception SecurityException if the current thread does not have
-     *                  Permission to set the <code>Configuration</code>.
+     *                  Permission to set the {@code Configuration}.
      *
      * @see #getConfiguration
      */
@@ -507,7 +507,7 @@
      * Return the Provider of this Configuration.
      *
      * <p> This Configuration instance will only have a Provider if it
-     * was obtained via a call to <code>Configuration.getInstance</code>.
+     * was obtained via a call to {@code Configuration.getInstance}.
      * Otherwise this method returns null.
      *
      * @return the Provider of this Configuration, or null.
@@ -522,7 +522,7 @@
      * Return the type of this Configuration.
      *
      * <p> This Configuration instance will only have a type if it
-     * was obtained via a call to <code>Configuration.getInstance</code>.
+     * was obtained via a call to {@code Configuration.getInstance}.
      * Otherwise this method returns null.
      *
      * @return the type of this Configuration, or null.
@@ -537,7 +537,7 @@
      * Return Configuration parameters.
      *
      * <p> This Configuration instance will only have parameters if it
-     * was obtained via a call to <code>Configuration.getInstance</code>.
+     * was obtained via a call to {@code Configuration.getInstance}.
      * Otherwise this method returns null.
      *
      * @return Configuration parameters, or null.
@@ -569,7 +569,7 @@
      * <p> This method causes this Configuration object to refresh/reload its
      * contents in an implementation-dependent manner.
      * For example, if this Configuration object stores its entries in a file,
-     * calling <code>refresh</code> may cause the file to be re-read.
+     * calling {@code refresh} may cause the file to be re-read.
      *
      * <p> The default implementation of this method does nothing.
      * This method should be overridden if a refresh operation is supported
--- a/src/share/classes/javax/security/auth/login/ConfigurationSpi.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/ConfigurationSpi.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,15 +28,15 @@
 
 /**
  * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
- * for the <code>Configuration</code> class.
+ * for the {@code Configuration} class.
  * All the abstract methods in this class must be implemented by each
  * service provider who wishes to supply a Configuration implementation.
  *
  * <p> Subclass implementations of this abstract class must provide
- * a public constructor that takes a <code>Configuration.Parameters</code>
+ * a public constructor that takes a {@code Configuration.Parameters}
  * object as an input parameter.  This constructor also must throw
  * an IllegalArgumentException if it does not understand the
- * <code>Configuration.Parameters</code> input.
+ * {@code Configuration.Parameters} input.
  *
  *
  * @since 1.6
@@ -62,7 +62,7 @@
      * <p> This method causes this Configuration object to refresh/reload its
      * contents in an implementation-dependent manner.
      * For example, if this Configuration object stores its entries in a file,
-     * calling <code>refresh</code> may cause the file to be re-read.
+     * calling {@code refresh} may cause the file to be re-read.
      *
      * <p> The default implementation of this method does nothing.
      * This method should be overridden if a refresh operation is supported
--- a/src/share/classes/javax/security/auth/login/CredentialExpiredException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/CredentialExpiredException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,14 +26,14 @@
 package javax.security.auth.login;
 
 /**
- * Signals that a <code>Credential</code> has expired.
+ * Signals that a {@code Credential} has expired.
  *
  * <p> This exception is thrown by LoginModules when they determine
- * that a <code>Credential</code> has expired.
- * For example, a <code>LoginModule</code> authenticating a user
- * in its <code>login</code> method may determine that the user's
+ * that a {@code Credential} has expired.
+ * For example, a {@code LoginModule} authenticating a user
+ * in its {@code login} method may determine that the user's
  * password, although entered correctly, has expired.  In this case
- * the <code>LoginModule</code> throws this exception to notify
+ * the {@code LoginModule} throws this exception to notify
  * the application.  The application can then take the appropriate
  * steps to assist the user in updating the password.
  *
--- a/src/share/classes/javax/security/auth/login/FailedLoginException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/FailedLoginException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,7 @@
  * Signals that user authentication failed.
  *
  * <p> This exception is thrown by LoginModules if authentication failed.
- * For example, a <code>LoginModule</code> throws this exception if
+ * For example, a {@code LoginModule} throws this exception if
  * the user entered an incorrect password.
  *
  */
--- a/src/share/classes/javax/security/auth/login/LoginContext.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/login/LoginContext.java	Mon Jan 23 20:14:27 2017 +0000
@@ -41,11 +41,11 @@
 import sun.security.util.ResourcesMgr;
 
 /**
- * <p> The <code>LoginContext</code> class describes the basic methods used
+ * <p> The {@code LoginContext} class describes the basic methods used
  * to authenticate Subjects and provides a way to develop an
  * application independent of the underlying authentication technology.
- * A <code>Configuration</code> specifies the authentication technology, or
- * <code>LoginModule</code>, to be used with a particular application.
+ * A {@code Configuration} specifies the authentication technology, or
+ * {@code LoginModule}, to be used with a particular application.
  * Different LoginModules can be plugged in under an application
  * without requiring any modifications to the application itself.
  *
@@ -57,36 +57,36 @@
  * LoginModule under an application.
  *
  * <p> A typical caller instantiates a LoginContext with
- * a <i>name</i> and a <code>CallbackHandler</code>.
+ * a <i>name</i> and a {@code CallbackHandler}.
  * LoginContext uses the <i>name</i> as the index into a
  * Configuration to determine which LoginModules should be used,
  * and which ones must succeed in order for the overall authentication to
- * succeed.  The <code>CallbackHandler</code> is passed to the underlying
+ * succeed.  The {@code CallbackHandler} is passed to the underlying
  * LoginModules so they may communicate and interact with users
  * (prompting for a username and password via a graphical user interface,
  * for example).
  *
  * <p> Once the caller has instantiated a LoginContext,
- * it invokes the <code>login</code> method to authenticate
- * a <code>Subject</code>.  The <code>login</code> method invokes
+ * it invokes the {@code login} method to authenticate
+ * a {@code Subject}.  The {@code login} method invokes
  * the configured modules to perform their respective types of authentication
  * (username/password, smart card pin verification, etc.).
  * Note that the LoginModules will not attempt authentication retries nor
  * introduce delays if the authentication fails.
  * Such tasks belong to the LoginContext caller.
  *
- * <p> If the <code>login</code> method returns without
+ * <p> If the {@code login} method returns without
  * throwing an exception, then the overall authentication succeeded.
  * The caller can then retrieve
  * the newly authenticated Subject by invoking the
- * <code>getSubject</code> method.  Principals and Credentials associated
+ * {@code getSubject} method.  Principals and Credentials associated
  * with the Subject may be retrieved by invoking the Subject's
- * respective <code>getPrincipals</code>, <code>getPublicCredentials</code>,
- * and <code>getPrivateCredentials</code> methods.
+ * respective {@code getPrincipals}, {@code getPublicCredentials},
+ * and {@code getPrivateCredentials} methods.
  *
  * <p> To logout the Subject, the caller calls
- * the <code>logout</code> method.  As with the <code>login</code>
- * method, this <code>logout</code> method invokes the <code>logout</code>
+ * the {@code logout} method.  As with the {@code login}
+ * method, this {@code logout} method invokes the {@code logout}
  * method for the configured modules.
  *
  * <p> A LoginContext should not be used to authenticate
@@ -96,14 +96,14 @@
  * <p> The following documentation applies to all LoginContext constructors:
  * <ol>
  *
- * <li> <code>Subject</code>
+ * <li> {@code Subject}
  * <ul>
  * <li> If the constructor has a Subject
  * input parameter, the LoginContext uses the caller-specified
  * Subject object.
  * <p>
- * <li> If the caller specifies a <code>null</code> Subject
- * and a <code>null</code> value is permitted,
+ * <li> If the caller specifies a {@code null} Subject
+ * and a {@code null} value is permitted,
  * the LoginContext instantiates a new Subject.
  * <p>
  * <li> If the constructor does <b>not</b> have a Subject
@@ -111,14 +111,14 @@
  * <p>
  * </ul>
  *
- * <li> <code>Configuration</code>
+ * <li> {@code Configuration}
  * <ul>
  * <li> If the constructor has a Configuration
  * input parameter and the caller specifies a non-null Configuration,
  * the LoginContext uses the caller-specified Configuration.
  * <p>
  * If the constructor does <b>not</b> have a Configuration
- * input parameter, or if the caller specifies a <code>null</code>
+ * input parameter, or if the caller specifies a {@code null}
  * Configuration object, the constructor uses the following call to
  * get the installed Configuration:
  * <pre>
@@ -126,42 +126,42 @@
  * </pre>
  * For both cases,
  * the <i>name</i> argument given to the constructor is passed to the
- * <code>Configuration.getAppConfigurationEntry</code> method.
+ * {@code Configuration.getAppConfigurationEntry} method.
  * If the Configuration has no entries for the specified <i>name</i>,
- * then the <code>LoginContext</code> calls
- * <code>getAppConfigurationEntry</code> with the name, "<i>other</i>"
+ * then the {@code LoginContext} calls
+ * {@code getAppConfigurationEntry} with the name, "<i>other</i>"
  * (the default entry name).  If there is no entry for "<i>other</i>",
- * then a <code>LoginException</code> is thrown.
+ * then a {@code LoginException} is thrown.
  * <p>
  * <li> When LoginContext uses the installed Configuration, the caller
  * requires the createLoginContext.<em>name</em> and possibly
  * createLoginContext.other AuthPermissions. Furthermore, the
  * LoginContext will invoke configured modules from within an
- * <code>AccessController.doPrivileged</code> call so that modules that
+ * {@code AccessController.doPrivileged} call so that modules that
  * perform security-sensitive tasks (such as connecting to remote hosts,
  * and updating the Subject) will require the respective permissions, but
  * the callers of the LoginContext will not require those permissions.
  * <p>
  * <li> When LoginContext uses a caller-specified Configuration, the caller
  * does not require any createLoginContext AuthPermission.  The LoginContext
- * saves the <code>AccessControlContext</code> for the caller,
+ * saves the {@code AccessControlContext} for the caller,
  * and invokes the configured modules from within an
- * <tt>AccessController.doPrivileged</tt> call constrained by that context.
+ * {@code AccessController.doPrivileged} call constrained by that context.
  * This means the caller context (stored when the LoginContext was created)
  * must have sufficient permissions to perform any security-sensitive tasks
  * that the modules may perform.
  * <p>
  * </ul>
  *
- * <li> <code>CallbackHandler</code>
+ * <li> {@code CallbackHandler}
  * <ul>
  * <li> If the constructor has a CallbackHandler
  * input parameter, the LoginContext uses the caller-specified
  * CallbackHandler object.
  * <p>
  * <li> If the constructor does <b>not</b> have a CallbackHandler
- * input parameter, or if the caller specifies a <code>null</code>
- * CallbackHandler object (and a <code>null</code> value is permitted),
+ * input parameter, or if the caller specifies a {@code null}
+ * CallbackHandler object (and a {@code null} value is permitted),
  * the LoginContext queries the
  * <i>auth.login.defaultCallbackHandler</i> security property
  * for the fully qualified class name of a default handler implementation.
@@ -177,10 +177,10 @@
  * then this LoginContext must wrap any
  * caller-specified or default CallbackHandler implementation
  * in a new CallbackHandler implementation
- * whose <code>handle</code> method implementation invokes the
- * specified CallbackHandler's <code>handle</code> method in a
- * <code>java.security.AccessController.doPrivileged</code> call
- * constrained by the caller's current <code>AccessControlContext</code>.
+ * whose {@code handle} method implementation invokes the
+ * specified CallbackHandler's {@code handle} method in a
+ * {@code java.security.AccessController.doPrivileged} call
+ * constrained by the caller's current {@code AccessControlContext}.
  * </ul>
  * </ol>
  *
@@ -332,14 +332,14 @@
     }
 
     /**
-     * Instantiate a new <code>LoginContext</code> object with a name.
+     * Instantiate a new {@code LoginContext} object with a name.
      *
      * @param name the name used as the index into the
-     *          <code>Configuration</code>.
+     *          {@code Configuration}.
      *
-     * @exception LoginException if the caller-specified <code>name</code>
-     *          does not appear in the <code>Configuration</code>
-     *          and there is no <code>Configuration</code> entry
+     * @exception LoginException if the caller-specified {@code name}
+     *          does not appear in the {@code Configuration}
+     *          and there is no {@code Configuration} entry
      *          for "<i>other</i>", or if the
      *          <i>auth.login.defaultCallbackHandler</i>
      *          security property was set, but the implementation
@@ -358,21 +358,21 @@
     }
 
     /**
-     * Instantiate a new <code>LoginContext</code> object with a name
-     * and a <code>Subject</code> object.
+     * Instantiate a new {@code LoginContext} object with a name
+     * and a {@code Subject} object.
      *
      * <p>
      *
      * @param name the name used as the index into the
-     *          <code>Configuration</code>. <p>
+     *          {@code Configuration}. <p>
      *
-     * @param subject the <code>Subject</code> to authenticate.
+     * @param subject the {@code Subject} to authenticate.
      *
-     * @exception LoginException if the caller-specified <code>name</code>
-     *          does not appear in the <code>Configuration</code>
-     *          and there is no <code>Configuration</code> entry
-     *          for "<i>other</i>", if the caller-specified <code>subject</code>
-     *          is <code>null</code>, or if the
+     * @exception LoginException if the caller-specified {@code name}
+     *          does not appear in the {@code Configuration}
+     *          and there is no {@code Configuration} entry
+     *          for "<i>other</i>", if the caller-specified {@code subject}
+     *          is {@code null}, or if the
      *          <i>auth.login.defaultCallbackHandler</i>
      *          security property was set, but the implementation
      *          class could not be loaded.
@@ -396,22 +396,22 @@
     }
 
     /**
-     * Instantiate a new <code>LoginContext</code> object with a name
-     * and a <code>CallbackHandler</code> object.
+     * Instantiate a new {@code LoginContext} object with a name
+     * and a {@code CallbackHandler} object.
      *
      * <p>
      *
      * @param name the name used as the index into the
-     *          <code>Configuration</code>. <p>
+     *          {@code Configuration}. <p>
      *
-     * @param callbackHandler the <code>CallbackHandler</code> object used by
+     * @param callbackHandler the {@code CallbackHandler} object used by
      *          LoginModules to communicate with the user.
      *
-     * @exception LoginException if the caller-specified <code>name</code>
-     *          does not appear in the <code>Configuration</code>
-     *          and there is no <code>Configuration</code> entry
+     * @exception LoginException if the caller-specified {@code name}
+     *          does not appear in the {@code Configuration}
+     *          and there is no {@code Configuration} entry
      *          for "<i>other</i>", or if the caller-specified
-     *          <code>callbackHandler</code> is <code>null</code>.
+     *          {@code callbackHandler} is {@code null}.
      *          <p>
      * @exception SecurityException if a SecurityManager is set and
      *          the caller does not have
@@ -432,27 +432,27 @@
     }
 
     /**
-     * Instantiate a new <code>LoginContext</code> object with a name,
-     * a <code>Subject</code> to be authenticated, and a
-     * <code>CallbackHandler</code> object.
+     * Instantiate a new {@code LoginContext} object with a name,
+     * a {@code Subject} to be authenticated, and a
+     * {@code CallbackHandler} object.
      *
      * <p>
      *
      * @param name the name used as the index into the
-     *          <code>Configuration</code>. <p>
+     *          {@code Configuration}. <p>
      *
-     * @param subject the <code>Subject</code> to authenticate. <p>
+     * @param subject the {@code Subject} to authenticate. <p>
      *
-     * @param callbackHandler the <code>CallbackHandler</code> object used by
+     * @param callbackHandler the {@code CallbackHandler} object used by
      *          LoginModules to communicate with the user.
      *
-     * @exception LoginException if the caller-specified <code>name</code>
-     *          does not appear in the <code>Configuration</code>
-     *          and there is no <code>Configuration</code> entry
+     * @exception LoginException if the caller-specified {@code name}
+     *          does not appear in the {@code Configuration}
+     *          and there is no {@code Configuration} entry
      *          for "<i>other</i>", or if the caller-specified
-     *          <code>subject</code> is <code>null</code>,
+     *          {@code subject} is {@code null},
      *          or if the caller-specified
-     *          <code>callbackHandler</code> is <code>null</code>.
+     *          {@code callbackHandler} is {@code null}.
      *          <p>
      * @exception SecurityException if a SecurityManager is set and
      *          the caller does not have
@@ -473,34 +473,34 @@
     }
 
     /**
-     * Instantiate a new <code>LoginContext</code> object with a name,
-     * a <code>Subject</code> to be authenticated,
-     * a <code>CallbackHandler</code> object, and a login
-     * <code>Configuration</code>.
+     * Instantiate a new {@code LoginContext} object with a name,
+     * a {@code Subject} to be authenticated,
+     * a {@code CallbackHandler} object, and a login
+     * {@code Configuration}.
      *
      * <p>
      *
      * @param name the name used as the index into the caller-specified
-     *          <code>Configuration</code>. <p>
+     *          {@code Configuration}. <p>
      *
-     * @param subject the <code>Subject</code> to authenticate,
-     *          or <code>null</code>. <p>
+     * @param subject the {@code Subject} to authenticate,
+     *          or {@code null}. <p>
      *
-     * @param callbackHandler the <code>CallbackHandler</code> object used by
-     *          LoginModules to communicate with the user, or <code>null</code>.
+     * @param callbackHandler the {@code CallbackHandler} object used by
+     *          LoginModules to communicate with the user, or {@code null}.
      *          <p>
      *
-     * @param config the <code>Configuration</code> that lists the
+     * @param config the {@code Configuration} that lists the
      *          login modules to be called to perform the authentication,
-     *          or <code>null</code>.
+     *          or {@code null}.
      *
-     * @exception LoginException if the caller-specified <code>name</code>
-     *          does not appear in the <code>Configuration</code>
-     *          and there is no <code>Configuration</code> entry
+     * @exception LoginException if the caller-specified {@code name}
+     *          does not appear in the {@code Configuration}
+     *          and there is no {@code Configuration} entry
      *          for "<i>other</i>".
      *          <p>
      * @exception SecurityException if a SecurityManager is set,
-     *          <i>config</i> is <code>null</code>,
+     *          <i>config</i> is {@code null},
      *          and either the caller does not have
      *          AuthPermission("createLoginContext.<i>name</i>"),
      *          or if a configuration entry for <i>name</i> does not exist and
@@ -536,46 +536,46 @@
     /**
      * Perform the authentication.
      *
-     * <p> This method invokes the <code>login</code> method for each
+     * <p> This method invokes the {@code login} method for each
      * LoginModule configured for the <i>name</i> specified to the
-     * <code>LoginContext</code> constructor, as determined by the login
-     * <code>Configuration</code>.  Each <code>LoginModule</code>
+     * {@code LoginContext} constructor, as determined by the login
+     * {@code Configuration}.  Each {@code LoginModule}
      * then performs its respective type of authentication
      * (username/password, smart card pin verification, etc.).
      *
      * <p> This method completes a 2-phase authentication process by
-     * calling each configured LoginModule's <code>commit</code> method
+     * calling each configured LoginModule's {@code commit} method
      * if the overall authentication succeeded (the relevant REQUIRED,
      * REQUISITE, SUFFICIENT, and OPTIONAL LoginModules succeeded),
-     * or by calling each configured LoginModule's <code>abort</code> method
+     * or by calling each configured LoginModule's {@code abort} method
      * if the overall authentication failed.  If authentication succeeded,
-     * each successful LoginModule's <code>commit</code> method associates
-     * the relevant Principals and Credentials with the <code>Subject</code>.
-     * If authentication failed, each LoginModule's <code>abort</code> method
+     * each successful LoginModule's {@code commit} method associates
+     * the relevant Principals and Credentials with the {@code Subject}.
+     * If authentication failed, each LoginModule's {@code abort} method
      * removes/destroys any previously stored state.
      *
-     * <p> If the <code>commit</code> phase of the authentication process
+     * <p> If the {@code commit} phase of the authentication process
      * fails, then the overall authentication fails and this method
-     * invokes the <code>abort</code> method for each configured
-     * <code>LoginModule</code>.
+     * invokes the {@code abort} method for each configured
+     * {@code LoginModule}.
      *
-     * <p> If the <code>abort</code> phase
+     * <p> If the {@code abort} phase
      * fails for any reason, then this method propagates the
-     * original exception thrown either during the <code>login</code> phase
-     * or the <code>commit</code> phase.  In either case, the overall
+     * original exception thrown either during the {@code login} phase
+     * or the {@code commit} phase.  In either case, the overall
      * authentication fails.
      *
      * <p> In the case where multiple LoginModules fail,
      * this method propagates the exception raised by the first
-     * <code>LoginModule</code> which failed.
+     * {@code LoginModule} which failed.
      *
-     * <p> Note that if this method enters the <code>abort</code> phase
-     * (either the <code>login</code> or <code>commit</code> phase failed),
+     * <p> Note that if this method enters the {@code abort} phase
+     * (either the {@code login} or {@code commit} phase failed),
      * this method invokes all LoginModules configured for the
-     * application regardless of their respective <code>Configuration</code>
-     * flag parameters.  Essentially this means that <code>Requisite</code>
-     * and <code>Sufficient</code> semantics are ignored during the
-     * <code>abort</code> phase.  This guarantees that proper cleanup
+     * application regardless of their respective {@code Configuration}
+     * flag parameters.  Essentially this means that {@code Requisite}
+     * and {@code Sufficient} semantics are ignored during the
+     * {@code abort} phase.  This guarantees that proper cleanup
      * and state restoration can take place.
      *
      * <p>
@@ -606,19 +606,19 @@
     }
 
     /**
-     * Logout the <code>Subject</code>.
+     * Logout the {@code Subject}.
      *
-     * <p> This method invokes the <code>logout</code> method for each
-     * <code>LoginModule</code> configured for this <code>LoginContext</code>.
-     * Each <code>LoginModule</code> performs its respective logout procedure
+     * <p> This method invokes the {@code logout} method for each
+     * {@code LoginModule} configured for this {@code LoginContext}.
+     * Each {@code LoginModule} performs its respective logout procedure
      * which may include removing/destroying
-     * <code>Principal</code> and <code>Credential</code> information
-     * from the <code>Subject</code> and state cleanup.
+     * {@code Principal} and {@code Credential} information
+     * from the {@code Subject} and state cleanup.
      *
      * <p> Note that this method invokes all LoginModules configured for the
      * application regardless of their respective
-     * <code>Configuration</code> flag parameters.  Essentially this means
-     * that <code>Requisite</code> and <code>Sufficient</code> semantics are
+     * {@code Configuration} flag parameters.  Essentially this means
+     * that {@code Requisite} and {@code Sufficient} semantics are
      * ignored for this method.  This guarantees that proper cleanup
      * and state restoration can take place.
      *
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/login/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package provides a pluggable authentication framework.
+ * <h2>Package Specification</h2>
+ *
+ * <ul>
+ *   <li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
+ *     <b>Java&trade;
+ *     Cryptography Architecture Standard Algorithm Name
+ *     Documentation</b></a></li>
+ * </ul>
+ *
+ * @since 1.4
+ */
+package javax.security.auth.login;
--- a/src/share/classes/javax/security/auth/login/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-	This package provides a pluggable authentication framework.
-<h2>Package Specification</h2>
-
-<ul>
-  <li><a href="{@docRoot}/../technotes/guides/security/StandardNames.html">
-    <b>Java<FONT SIZE=-2><SUP>TM</SUP></FONT>
-    Cryptography Architecture Standard Algorithm Name
-    Documentation</b></a></li>
-</ul>
-
-<!--
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since 1.4
-</body>
-</html>
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package provides a framework for authentication and
+ * authorization. The framework allows
+ * authentication to be performed in pluggable fashion. Different
+ * authentication modules can be plugged under an application without
+ * requiring modifications to the application itself. The
+ * authorization component allows specification of access controls
+ * based on code location, code signers and code executors
+ * (Subjects).
+ *
+ * @since JDK1.4
+ */
+package javax.security.auth;
--- a/src/share/classes/javax/security/auth/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,61 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-    This package provides a framework for authentication and
-    authorization. The framework allows
-    authentication to be performed in pluggable fashion. Different
-    authentication modules can be plugged under an application without
-    requiring modifications to the application itself. The
-    authorization component allows specification of access controls
-    based on code location, code signers and code executors
-    (Subjects).
-
-
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since JDK1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/auth/spi/LoginModule.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/spi/LoginModule.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,95 +32,95 @@
 import java.util.Map;
 
 /**
- * <p> <code>LoginModule</code> describes the interface
+ * <p> {@code LoginModule} describes the interface
  * implemented by authentication technology providers.  LoginModules
  * are plugged in under applications to provide a particular type of
  * authentication.
  *
- * <p> While applications write to the <code>LoginContext</code> API,
+ * <p> While applications write to the {@code LoginContext} API,
  * authentication technology providers implement the
- * <code>LoginModule</code> interface.
- * A <code>Configuration</code> specifies the LoginModule(s)
+ * {@code LoginModule} interface.
+ * A {@code Configuration} specifies the LoginModule(s)
  * to be used with a particular login application.  Therefore different
  * LoginModules can be plugged in under the application without
  * requiring any modifications to the application itself.
  *
- * <p> The <code>LoginContext</code> is responsible for reading the
- * <code>Configuration</code> and instantiating the appropriate
- * LoginModules.  Each <code>LoginModule</code> is initialized with
- * a <code>Subject</code>, a <code>CallbackHandler</code>, shared
- * <code>LoginModule</code> state, and LoginModule-specific options.
+ * <p> The {@code LoginContext} is responsible for reading the
+ * {@code Configuration} and instantiating the appropriate
+ * LoginModules.  Each {@code LoginModule} is initialized with
+ * a {@code Subject}, a {@code CallbackHandler}, shared
+ * {@code LoginModule} state, and LoginModule-specific options.
  *
- * The <code>Subject</code> represents the
- * <code>Subject</code> currently being authenticated and is updated
+ * The {@code Subject} represents the
+ * {@code Subject} currently being authenticated and is updated
  * with relevant Credentials if authentication succeeds.
- * LoginModules use the <code>CallbackHandler</code> to
- * communicate with users.  The <code>CallbackHandler</code> may be
+ * LoginModules use the {@code CallbackHandler} to
+ * communicate with users.  The {@code CallbackHandler} may be
  * used to prompt for usernames and passwords, for example.
- * Note that the <code>CallbackHandler</code> may be null.  LoginModules
- * which absolutely require a <code>CallbackHandler</code> to authenticate
- * the <code>Subject</code> may throw a <code>LoginException</code>.
+ * Note that the {@code CallbackHandler} may be null.  LoginModules
+ * which absolutely require a {@code CallbackHandler} to authenticate
+ * the {@code Subject} may throw a {@code LoginException}.
  * LoginModules optionally use the shared state to share information
  * or data among themselves.
  *
  * <p> The LoginModule-specific options represent the options
- * configured for this <code>LoginModule</code> by an administrator or user
- * in the login <code>Configuration</code>.
- * The options are defined by the <code>LoginModule</code> itself
+ * configured for this {@code LoginModule} by an administrator or user
+ * in the login {@code Configuration}.
+ * The options are defined by the {@code LoginModule} itself
  * and control the behavior within it.  For example, a
- * <code>LoginModule</code> may define options to support debugging/testing
+ * {@code LoginModule} may define options to support debugging/testing
  * capabilities.  Options are defined using a key-value syntax,
- * such as <i>debug=true</i>.  The <code>LoginModule</code>
- * stores the options as a <code>Map</code> so that the values may
+ * such as <i>debug=true</i>.  The {@code LoginModule}
+ * stores the options as a {@code Map} so that the values may
  * be retrieved using the key.  Note that there is no limit to the number
- * of options a <code>LoginModule</code> chooses to define.
+ * of options a {@code LoginModule} chooses to define.
  *
  * <p> The calling application sees the authentication process as a single
  * operation.  However, the authentication process within the
- * <code>LoginModule</code> proceeds in two distinct phases.
+ * {@code LoginModule} proceeds in two distinct phases.
  * In the first phase, the LoginModule's
- * <code>login</code> method gets invoked by the LoginContext's
- * <code>login</code> method.  The <code>login</code>
- * method for the <code>LoginModule</code> then performs
+ * {@code login} method gets invoked by the LoginContext's
+ * {@code login} method.  The {@code login}
+ * method for the {@code LoginModule} then performs
  * the actual authentication (prompt for and verify a password for example)
  * and saves its authentication status as private state
- * information.  Once finished, the LoginModule's <code>login</code>
- * method either returns <code>true</code> (if it succeeded) or
- * <code>false</code> (if it should be ignored), or throws a
- * <code>LoginException</code> to specify a failure.
- * In the failure case, the <code>LoginModule</code> must not retry the
+ * information.  Once finished, the LoginModule's {@code login}
+ * method either returns {@code true} (if it succeeded) or
+ * {@code false} (if it should be ignored), or throws a
+ * {@code LoginException} to specify a failure.
+ * In the failure case, the {@code LoginModule} must not retry the
  * authentication or introduce delays.  The responsibility of such tasks
  * belongs to the application.  If the application attempts to retry
- * the authentication, the LoginModule's <code>login</code> method will be
+ * the authentication, the LoginModule's {@code login} method will be
  * called again.
  *
  * <p> In the second phase, if the LoginContext's overall authentication
  * succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
- * LoginModules succeeded), then the <code>commit</code>
- * method for the <code>LoginModule</code> gets invoked.
- * The <code>commit</code> method for a <code>LoginModule</code> checks its
+ * LoginModules succeeded), then the {@code commit}
+ * method for the {@code LoginModule} gets invoked.
+ * The {@code commit} method for a {@code LoginModule} checks its
  * privately saved state to see if its own authentication succeeded.
- * If the overall <code>LoginContext</code> authentication succeeded
+ * If the overall {@code LoginContext} authentication succeeded
  * and the LoginModule's own authentication succeeded, then the
- * <code>commit</code> method associates the relevant
+ * {@code commit} method associates the relevant
  * Principals (authenticated identities) and Credentials (authentication data
- * such as cryptographic keys) with the <code>Subject</code>
- * located within the <code>LoginModule</code>.
+ * such as cryptographic keys) with the {@code Subject}
+ * located within the {@code LoginModule}.
  *
  * <p> If the LoginContext's overall authentication failed (the relevant
  * REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed),
- * then the <code>abort</code> method for each <code>LoginModule</code>
- * gets invoked.  In this case, the <code>LoginModule</code> removes/destroys
+ * then the {@code abort} method for each {@code LoginModule}
+ * gets invoked.  In this case, the {@code LoginModule} removes/destroys
  * any authentication state originally saved.
  *
- * <p> Logging out a <code>Subject</code> involves only one phase.
- * The <code>LoginContext</code> invokes the LoginModule's <code>logout</code>
- * method.  The <code>logout</code> method for the <code>LoginModule</code>
+ * <p> Logging out a {@code Subject} involves only one phase.
+ * The {@code LoginContext} invokes the LoginModule's {@code logout}
+ * method.  The {@code logout} method for the {@code LoginModule}
  * then performs the logout procedures, such as removing Principals or
- * Credentials from the <code>Subject</code> or logging session information.
+ * Credentials from the {@code Subject} or logging session information.
  *
- * <p> A <code>LoginModule</code> implementation must have a constructor with
- * no arguments.  This allows classes which load the <code>LoginModule</code>
+ * <p> A {@code LoginModule} implementation must have a constructor with
+ * no arguments.  This allows classes which load the {@code LoginModule}
  * to instantiate it.
  *
  * @see javax.security.auth.login.LoginContext
@@ -131,38 +131,38 @@
     /**
      * Initialize this LoginModule.
      *
-     * <p> This method is called by the <code>LoginContext</code>
-     * after this <code>LoginModule</code> has been instantiated.
+     * <p> This method is called by the {@code LoginContext}
+     * after this {@code LoginModule} has been instantiated.
      * The purpose of this method is to initialize this
-     * <code>LoginModule</code> with the relevant information.
-     * If this <code>LoginModule</code> does not understand
-     * any of the data stored in <code>sharedState</code> or
-     * <code>options</code> parameters, they can be ignored.
+     * {@code LoginModule} with the relevant information.
+     * If this {@code LoginModule} does not understand
+     * any of the data stored in {@code sharedState} or
+     * {@code options} parameters, they can be ignored.
      *
      * <p>
      *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated. <p>
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *                  with the end user (prompting for usernames and
      *                  passwords, for example). <p>
      *
      * @param sharedState state shared with other configured LoginModules. <p>
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     void initialize(Subject subject, CallbackHandler callbackHandler,
                     Map<String,?> sharedState,
                     Map<String,?> options);
 
     /**
-     * Method to authenticate a <code>Subject</code> (phase 1).
+     * Method to authenticate a {@code Subject} (phase 1).
      *
      * <p> The implementation of this method authenticates
-     * a <code>Subject</code>.  For example, it may prompt for
-     * <code>Subject</code> information such
+     * a {@code Subject}.  For example, it may prompt for
+     * {@code Subject} information such
      * as a username and password and then attempt to verify the password.
      * This method saves the result of the authentication attempt
      * as private state within the LoginModule.
@@ -172,7 +172,7 @@
      * @exception LoginException if the authentication fails
      *
      * @return true if the authentication succeeded, or false if this
-     *                  <code>LoginModule</code> should be ignored.
+     *                  {@code LoginModule} should be ignored.
      */
     boolean login() throws LoginException;
 
@@ -186,9 +186,9 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates relevant
-     * Principals and Credentials with the <code>Subject</code> located in the
-     * <code>LoginModule</code>.  If this LoginModule's own
+     * {@code login} method), then this method associates relevant
+     * Principals and Credentials with the {@code Subject} located in the
+     * {@code LoginModule}.  If this LoginModule's own
      * authentication attempted failed, then this method removes/destroys
      * any state that was originally saved.
      *
@@ -197,7 +197,7 @@
      * @exception LoginException if the commit fails
      *
      * @return true if this method succeeded, or false if this
-     *                  <code>LoginModule</code> should be ignored.
+     *                  {@code LoginModule} should be ignored.
      */
     boolean commit() throws LoginException;
 
@@ -211,7 +211,7 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method cleans up any state
+     * {@code login} method), then this method cleans up any state
      * that was originally saved.
      *
      * <p>
@@ -219,12 +219,12 @@
      * @exception LoginException if the abort fails
      *
      * @return true if this method succeeded, or false if this
-     *                  <code>LoginModule</code> should be ignored.
+     *                  {@code LoginModule} should be ignored.
      */
     boolean abort() throws LoginException;
 
     /**
-     * Method which logs out a <code>Subject</code>.
+     * Method which logs out a {@code Subject}.
      *
      * <p>An implementation of this method might remove/destroy a Subject's
      * Principals and Credentials.
@@ -234,7 +234,7 @@
      * @exception LoginException if the logout fails
      *
      * @return true if this method succeeded, or false if this
-     *                  <code>LoginModule</code> should be ignored.
+     *                  {@code LoginModule} should be ignored.
      */
     boolean logout() throws LoginException;
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/spi/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package provides the interface to be used for
+ * implementing pluggable authentication modules.
+ *
+ * @since JDK1.4
+ */
+package javax.security.auth.spi;
--- a/src/share/classes/javax/security/auth/spi/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,53 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-	
-	This package provides the interface to be used for
- 	implementing pluggable authentication modules.
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since JDK1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/auth/x500/X500Principal.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/x500/X500Principal.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,8 +33,8 @@
 import sun.security.util.*;
 
 /**
- * <p> This class represents an X.500 <code>Principal</code>.
- * <code>X500Principal</code>s are represented by distinguished names such as
+ * <p> This class represents an X.500 {@code Principal}.
+ * {@code X500Principal}s are represented by distinguished names such as
  * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".
  *
  * <p> This class can be instantiated by using a string representation
@@ -50,12 +50,12 @@
  * <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: Internet X.509
  * Public Key Infrastructure Certificate and CRL Profile</a>.
  *
- * <p> The string representation for this <code>X500Principal</code>
- * can be obtained by calling the <code>getName</code> methods.
+ * <p> The string representation for this {@code X500Principal}
+ * can be obtained by calling the {@code getName} methods.
  *
- * <p> Note that the <code>getSubjectX500Principal</code> and
- * <code>getIssuerX500Principal</code> methods of
- * <code>X509Certificate</code> return X500Principals representing the
+ * <p> Note that the {@code getSubjectX500Principal} and
+ * {@code getIssuerX500Principal} methods of
+ * {@code X509Certificate} return X500Principals representing the
  * issuer and subject fields of the certificate.
  *
  * @see java.security.cert.X509Certificate
@@ -97,7 +97,7 @@
     }
 
     /**
-     * Creates an <code>X500Principal</code> from a string representation of
+     * Creates an {@code X500Principal} from a string representation of
      * an X.500 distinguished name (ex:
      * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
      * The distinguished name must be specified using the grammar defined in
@@ -112,9 +112,9 @@
      * Any other attribute type must be specified as an OID.
      *
      * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>
-     * @exception IllegalArgumentException if the <code>name</code>
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}
+     * @exception IllegalArgumentException if the {@code name}
      *                  is improperly specified
      */
     public X500Principal(String name) {
@@ -122,7 +122,7 @@
     }
 
     /**
-     * Creates an <code>X500Principal</code> from a string representation of
+     * Creates an {@code X500Principal} from a string representation of
      * an X.500 distinguished name (ex:
      * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
      * The distinguished name must be specified using the grammar defined in
@@ -130,24 +130,24 @@
      *
      * <p> This constructor recognizes the attribute type keywords specified
      * in {@link #X500Principal(String)} and also recognizes additional
-     * keywords that have entries in the <code>keywordMap</code> parameter.
+     * keywords that have entries in the {@code keywordMap} parameter.
      * Keyword entries in the keywordMap take precedence over the default
-     * keywords recognized by <code>X500Principal(String)</code>. Keywords
+     * keywords recognized by {@code X500Principal(String)}. Keywords
      * MUST be specified in all upper-case, otherwise they will be ignored.
      * Improperly specified keywords are ignored; however if a keyword in the
      * name maps to an improperly specified OID, an
-     * <code>IllegalArgumentException</code> is thrown. It is permissible to
+     * {@code IllegalArgumentException} is thrown. It is permissible to
      * have 2 different keywords that map to the same OID.
      *
      * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
      * @param keywordMap an attribute type keyword map, where each key is a
      *   keyword String that maps to a corresponding object identifier in String
      *   form (a sequence of nonnegative integers separated by periods). The map
-     *   may be empty but never <code>null</code>.
-     * @exception NullPointerException if <code>name</code> or
-     *   <code>keywordMap</code> is <code>null</code>
-     * @exception IllegalArgumentException if the <code>name</code> is
-     *   improperly specified or a keyword in the <code>name</code> maps to an
+     *   may be empty but never {@code null}.
+     * @exception NullPointerException if {@code name} or
+     *   {@code keywordMap} is {@code null}
+     * @exception IllegalArgumentException if the {@code name} is
+     *   improperly specified or a keyword in the {@code name} maps to an
      *   OID that is not in the correct form
      * @since 1.6
      */
@@ -174,10 +174,10 @@
     }
 
     /**
-     * Creates an <code>X500Principal</code> from a distinguished name in
+     * Creates an {@code X500Principal} from a distinguished name in
      * ASN.1 DER encoded form. The ASN.1 notation for this structure is as
      * follows.
-     * <pre><code>
+     * <pre>{@code
      * Name ::= CHOICE {
      *   RDNSequence }
      *
@@ -200,7 +200,7 @@
      *       universalString         UniversalString (SIZE (1..MAX)),
      *       utf8String              UTF8String (SIZE (1.. MAX)),
      *       bmpString               BMPString (SIZE (1..MAX)) }
-     * </code></pre>
+     * }</pre>
      *
      * @param name a byte array containing the distinguished name in ASN.1
      * DER encoded form
@@ -219,7 +219,7 @@
     }
 
     /**
-     * Creates an <code>X500Principal</code> from an <code>InputStream</code>
+     * Creates an {@code X500Principal} from an {@code InputStream}
      * containing the distinguished name in ASN.1 DER encoded form.
      * The ASN.1 notation for this structure is supplied in the
      * documentation for
@@ -228,11 +228,11 @@
      * <p> The read position of the input stream is positioned
      * to the next available byte after the encoded distinguished name.
      *
-     * @param is an <code>InputStream</code> containing the distinguished
+     * @param is an {@code InputStream} containing the distinguished
      *          name in ASN.1 DER encoded form
      *
-     * @exception NullPointerException if the <code>InputStream</code>
-     *          is <code>null</code>
+     * @exception NullPointerException if the {@code InputStream}
+     *          is {@code null}
      * @exception IllegalArgumentException if an encoding error occurs
      *          (incorrect form for DN)
      */
@@ -270,9 +270,9 @@
      * the format defined in RFC 2253.
      *
      * <p>This method is equivalent to calling
-     * <code>getName(X500Principal.RFC2253)</code>.
+     * {@code getName(X500Principal.RFC2253)}.
      *
-     * @return the distinguished name of this <code>X500Principal</code>
+     * @return the distinguished name of this {@code X500Principal}
      */
     public String getName() {
         return getName(X500Principal.RFC2253);
@@ -324,9 +324,9 @@
      *          those which section 2.4 of RFC 2253 states must be escaped
      *          (they are escaped using a preceding backslash character)
      * <li> The entire name is converted to upper case
-     *          using <code>String.toUpperCase(Locale.US)</code>
+     *          using {@code String.toUpperCase(Locale.US)}
      * <li> The entire name is converted to lower case
-     *          using <code>String.toLowerCase(Locale.US)</code>
+     *          using {@code String.toLowerCase(Locale.US)}
      * <li> The name is finally normalized using normalization form KD,
      *          as described in the Unicode Standard and UAX #15
      * </ol>
@@ -335,7 +335,7 @@
      *
      * @param format the format to use
      *
-     * @return a string representation of this <code>X500Principal</code>
+     * @return a string representation of this {@code X500Principal}
      *          using the specified format
      * @throws IllegalArgumentException if the specified format is invalid
      *          or null
@@ -357,16 +357,16 @@
      * Returns a string representation of the X.500 distinguished name
      * using the specified format. Valid values for the format are
      * "RFC1779" and "RFC2253" (case insensitive). "CANONICAL" is not
-     * permitted and an <code>IllegalArgumentException</code> will be thrown.
+     * permitted and an {@code IllegalArgumentException} will be thrown.
      *
      * <p>This method returns Strings in the format as specified in
      * {@link #getName(String)} and also emits additional attribute type
-     * keywords for OIDs that have entries in the <code>oidMap</code>
+     * keywords for OIDs that have entries in the {@code oidMap}
      * parameter. OID entries in the oidMap take precedence over the default
-     * OIDs recognized by <code>getName(String)</code>.
+     * OIDs recognized by {@code getName(String)}.
      * Improperly specified OIDs are ignored; however if an OID
      * in the name maps to an improperly specified keyword, an
-     * <code>IllegalArgumentException</code> is thrown.
+     * {@code IllegalArgumentException} is thrown.
      *
      * <p> Additional standard formats may be introduced in the future.
      *
@@ -379,12 +379,12 @@
      * @param oidMap an OID map, where each key is an object identifier in
      *  String form (a sequence of nonnegative integers separated by periods)
      *  that maps to a corresponding attribute type keyword String.
-     *  The map may be empty but never <code>null</code>.
-     * @return a string representation of this <code>X500Principal</code>
+     *  The map may be empty but never {@code null}.
+     * @return a string representation of this {@code X500Principal}
      *          using the specified format
      * @throws IllegalArgumentException if the specified format is invalid,
      *  null, or an OID in the name maps to an improperly specified keyword
-     * @throws NullPointerException if <code>oidMap</code> is <code>null</code>
+     * @throws NullPointerException if {@code oidMap} is {@code null}
      * @since 1.6
      */
     public String getName(String format, Map<String, String> oidMap) {
@@ -424,31 +424,31 @@
 
     /**
      * Return a user-friendly string representation of this
-     * <code>X500Principal</code>.
+     * {@code X500Principal}.
      *
-     * @return a string representation of this <code>X500Principal</code>
+     * @return a string representation of this {@code X500Principal}
      */
     public String toString() {
         return thisX500Name.toString();
     }
 
     /**
-     * Compares the specified <code>Object</code> with this
-     * <code>X500Principal</code> for equality.
+     * Compares the specified {@code Object} with this
+     * {@code X500Principal} for equality.
      *
-     * <p> Specifically, this method returns <code>true</code> if
-     * the <code>Object</code> <i>o</i> is an <code>X500Principal</code>
+     * <p> Specifically, this method returns {@code true} if
+     * the {@code Object} <i>o</i> is an {@code X500Principal}
      * and if the respective canonical string representations
-     * (obtained via the <code>getName(X500Principal.CANONICAL)</code> method)
+     * (obtained via the {@code getName(X500Principal.CANONICAL)} method)
      * of this object and <i>o</i> are equal.
      *
      * <p> This implementation is compliant with the requirements of RFC 3280.
      *
      * @param o Object to be compared for equality with this
-     *          <code>X500Principal</code>
+     *          {@code X500Principal}
      *
-     * @return <code>true</code> if the specified <code>Object</code> is equal
-     *          to this <code>X500Principal</code>, <code>false</code> otherwise
+     * @return {@code true} if the specified {@code Object} is equal
+     *          to this {@code X500Principal}, {@code false} otherwise
      */
     public boolean equals(Object o) {
         if (this == o) {
@@ -462,12 +462,12 @@
     }
 
     /**
-     * Return a hash code for this <code>X500Principal</code>.
+     * Return a hash code for this {@code X500Principal}.
      *
      * <p> The hash code is calculated via:
-     * <code>getName(X500Principal.CANONICAL).hashCode()</code>
+     * {@code getName(X500Principal.CANONICAL).hashCode()}
      *
-     * @return a hash code for this <code>X500Principal</code>
+     * @return a hash code for this {@code X500Principal}
      */
     public int hashCode() {
         return thisX500Name.hashCode();
@@ -476,9 +476,9 @@
     /**
      * Save the X500Principal object to a stream.
      *
-     * @serialData this <code>X500Principal</code> is serialized
+     * @serialData this {@code X500Principal} is serialized
      *          by writing out its DER-encoded form
-     *          (the value of <code>getEncoded</code> is serialized).
+     *          (the value of {@code getEncoded} is serialized).
      */
     private void writeObject(java.io.ObjectOutputStream s)
         throws IOException {
--- a/src/share/classes/javax/security/auth/x500/X500PrivateCredential.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/auth/x500/X500PrivateCredential.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,7 +30,7 @@
 import javax.security.auth.Destroyable;
 
 /**
- * <p> This class represents an <code>X500PrivateCredential</code>.
+ * <p> This class represents an {@code X500PrivateCredential}.
  * It associates an X.509 certificate, corresponding private key and the
  * KeyStore alias used to reference that exact key pair in the KeyStore.
  * This enables looking up the private credentials for an X.500 principal
@@ -48,8 +48,8 @@
      * <p>
      * @param cert X509Certificate
      * @param key  PrivateKey for the certificate
-     * @exception IllegalArgumentException if either <code>cert</code> or
-     * <code>key</code> is null
+     * @exception IllegalArgumentException if either {@code cert} or
+     * {@code key} is null
      *
      */
 
@@ -68,8 +68,8 @@
      * @param cert X509Certificate
      * @param key  PrivateKey for the certificate
      * @param alias KeyStore alias
-     * @exception IllegalArgumentException if either <code>cert</code>,
-     * <code>key</code> or <code>alias</code> is null
+     * @exception IllegalArgumentException if either {@code cert},
+     * {@code key} or {@code alias} is null
      *
      */
     public X500PrivateCredential(X509Certificate cert, PrivateKey key,
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/auth/x500/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * This package contains the classes that should be used to store
+ * X500 Principal and X500 Private Credentials in a
+ * <i>Subject</i>.
+ *
+ * <h2>Package Specification</h2>
+ *
+ * <ul>
+ *   <li><a href="http://www.ietf.org/rfc/rfc1779.txt">
+ *     RFC 1779: A String Representation of Distinguished Names</a></li>
+ *   <li><a href="http://www.ietf.org/rfc/rfc2253.txt">
+ *     RFC 2253: Lightweight Directory Access Protocol (v3):
+ *     UTF-8 String Representation of Distinguished Names</a></li>
+ *   <li><a href="http://www.ietf.org/rfc/rfc3280.txt">
+ *     RFC 3280: Internet X.509 Public Key Infrastructure
+ *     Certificate and Certificate Revocation List (CRL) Profile</a></li>
+ *   <li><a href="http://www.ietf.org/rfc/rfc4512.txt">
+ *     RFC 4512: Lightweight Directory Access Protocol (LDAP):
+ *     Directory Information Models</a></li>
+ * </ul>
+ *
+ * @since JDK1.4
+ */
+package javax.security.auth.x500;
--- a/src/share/classes/javax/security/auth/x500/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-    This package contains the classes that should be used to store 
-    X500 Principal and X500 Private Crendentials in a
-    <i>Subject</i>.
-
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since JDK1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/cert/Certificate.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/Certificate.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -49,11 +49,11 @@
  * sets of information, and they store and retrieve the information in
  * different ways.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @since 1.4
  * @see X509Certificate
@@ -64,8 +64,8 @@
 
     /**
      * Compares this certificate for equality with the specified
-     * object. If the <code>other</code> object is an
-     * <code>instanceof</code> <code>Certificate</code>, then
+     * object. If the {@code other} object is an
+     * {@code instanceof} {@code Certificate}, then
      * its encoded form is retrieved and compared with the
      * encoded form of this certificate.
      *
--- a/src/share/classes/javax/security/cert/CertificateEncodingException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/CertificateEncodingException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,11 +30,11 @@
  * Certificate Encoding Exception. This is thrown whenever an error
  * occurs whilst attempting to encode a certificate.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @since 1.4
  * @author Hemma Prafullchandra
--- a/src/share/classes/javax/security/cert/CertificateException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/CertificateException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,11 +29,11 @@
 /**
  * This exception indicates one of a variety of certificate problems.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @author Hemma Prafullchandra
  * @since 1.4
--- a/src/share/classes/javax/security/cert/CertificateExpiredException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/CertificateExpiredException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,15 +28,15 @@
 
 /**
  * Certificate Expired Exception. This is thrown whenever the current
- * <code>Date</code> or the specified <code>Date</code> is after the
- * <code>notAfter</code> date/time specified in the validity period
+ * {@code Date} or the specified {@code Date} is after the
+ * {@code notAfter} date/time specified in the validity period
  * of the certificate.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @since 1.4
  * @author Hemma Prafullchandra
--- a/src/share/classes/javax/security/cert/CertificateNotYetValidException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/CertificateNotYetValidException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,15 +28,15 @@
 
 /**
  * Certificate is not yet valid exception. This is thrown whenever
- * the current <code>Date</code> or the specified <code>Date</code>
- * is before the <code>notBefore</code> date/time in the Certificate
+ * the current {@code Date} or the specified {@code Date}
+ * is before the {@code notBefore} date/time in the Certificate
  * validity period.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @since 1.4
  * @author Hemma Prafullchandra
--- a/src/share/classes/javax/security/cert/CertificateParsingException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/CertificateParsingException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,11 +31,11 @@
  * invalid DER encoded certificate is parsed or unsupported DER features
  * are found in the Certificate.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @since 1.4
  * @author Hemma Prafullchandra
--- a/src/share/classes/javax/security/cert/X509Certificate.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/cert/X509Certificate.java	Mon Jan 23 20:14:27 2017 +0000
@@ -70,7 +70,7 @@
  * CA certificates are either signed by themselves, or by some other
  * CA such as a "root" CA.
  * <p>
- * The ASN.1 definition of <code>tbsCertificate</code> is:
+ * The ASN.1 definition of {@code tbsCertificate} is:
  * <pre>
  * TBSCertificate  ::=  SEQUENCE  {
  *     version         [0]  EXPLICIT Version DEFAULT v1,
@@ -117,11 +117,11 @@
  * initialization time and will fallback on a default implementation if
  * the Security property is not accessible.
  *
- * <p><em>Note: The classes in the package <code>javax.security.cert</code>
+ * <p><em>Note: The classes in the package {@code javax.security.cert}
  * exist for compatibility with earlier versions of the
  * Java Secure Sockets Extension (JSSE). New applications should instead
  * use the standard Java SE certificate classes located in
- * <code>java.security.cert</code>.</em></p>
+ * {@code java.security.cert}.</em></p>
  *
  * @author Hemma Prafullchandra
  * @since 1.4
@@ -153,7 +153,7 @@
 
     /**
      * Instantiates an X509Certificate object, and initializes it with
-     * the data read from the input stream <code>inStream</code>.
+     * the data read from the input stream {@code inStream}.
      * The implementation (X509Certificate is an abstract class) is
      * provided by the class specified as the value of the
      * <code>cert.provider.x509v1</code>
@@ -196,7 +196,7 @@
      * @param certData a byte array containing the DER-encoded
      *        certificate.
      * @return an X509Certificate object initialized with the data
-     *         from <code>certData</code>.
+     *         from {@code certData}.
      * @exception CertificateException if a class initialization
      *            or certificate parsing error occurs.
      */
@@ -284,16 +284,16 @@
      * @param date the Date to check against to see if this certificate
      *        is valid at that date/time.
      * @exception CertificateExpiredException if the certificate has expired
-     *            with respect to the <code>date</code> supplied.
+     *            with respect to the {@code date} supplied.
      * @exception CertificateNotYetValidException if the certificate is not
-     *            yet valid with respect to the <code>date</code> supplied.
+     *            yet valid with respect to the {@code date} supplied.
      * @see #checkValidity()
      */
     public abstract void checkValidity(Date date)
         throws CertificateExpiredException, CertificateNotYetValidException;
 
     /**
-     * Gets the <code>version</code> (version number) value from the
+     * Gets the {@code version} (version number) value from the
      * certificate. The ASN.1 definition for this is:
      * <pre>
      * version         [0]  EXPLICIT Version DEFAULT v1<p>
@@ -305,7 +305,7 @@
     public abstract int getVersion();
 
     /**
-     * Gets the <code>serialNumber</code> value from the certificate.
+     * Gets the {@code serialNumber} value from the certificate.
      * The serial number is an integer assigned by the certification
      * authority to each certificate. It must be unique for each
      * certificate issued by a given CA (i.e., the issuer name and
@@ -322,7 +322,7 @@
     public abstract BigInteger getSerialNumber();
 
     /**
-     * Gets the <code>issuer</code> (issuer distinguished name) value from
+     * Gets the {@code issuer} (issuer distinguished name) value from
      * the certificate. The issuer name identifies the entity that signed (and
      * issued) the certificate.
      *
@@ -343,27 +343,27 @@
      * AttributeType ::= OBJECT IDENTIFIER
      * AttributeValue ::= ANY
      * </pre>
-     * The <code>Name</code> describes a hierarchical name composed of
+     * The {@code Name} describes a hierarchical name composed of
      * attributes, such as country name, and corresponding values, such as US.
-     * The type of the <code>AttributeValue</code> component is determined by
-     * the <code>AttributeType</code>; in general it will be a
-     * <code>directoryString</code>. A <code>directoryString</code> is usually
-     * one of <code>PrintableString</code>,
-     * <code>TeletexString</code> or <code>UniversalString</code>.
+     * The type of the {@code AttributeValue} component is determined by
+     * the {@code AttributeType}; in general it will be a
+     * {@code directoryString}. A {@code directoryString} is usually
+     * one of {@code PrintableString},
+     * {@code TeletexString} or {@code UniversalString}.
      *
      * @return a Principal whose name is the issuer distinguished name.
      */
     public abstract Principal getIssuerDN();
 
     /**
-     * Gets the <code>subject</code> (subject distinguished name) value
+     * Gets the {@code subject} (subject distinguished name) value
      * from the certificate.
      * The ASN.1 definition for this is:
      * <pre>
      * subject    Name
      * </pre>
      *
-     * <p>See {@link #getIssuerDN() getIssuerDN} for <code>Name</code>
+     * <p>See {@link #getIssuerDN() getIssuerDN} for {@code Name}
      * and other relevant definitions.
      *
      * @return a Principal whose name is the subject name.
@@ -372,7 +372,7 @@
     public abstract Principal getSubjectDN();
 
     /**
-     * Gets the <code>notBefore</code> date from the validity period of
+     * Gets the {@code notBefore} date from the validity period of
      * the certificate.
      * The relevant ASN.1 definitions are:
      * <pre>
@@ -392,7 +392,7 @@
     public abstract Date getNotBefore();
 
     /**
-     * Gets the <code>notAfter</code> date from the validity period of
+     * Gets the {@code notAfter} date from the validity period of
      * the certificate. See {@link #getNotBefore() getNotBefore}
      * for relevant ASN.1 definitions.
      *
@@ -415,7 +415,7 @@
      *                             -- algorithm object identifier value
      * </pre>
      *
-     * <p>The algorithm name is determined from the <code>algorithm</code>
+     * <p>The algorithm name is determined from the {@code algorithm}
      * OID string.
      *
      * @return the signature algorithm name.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/cert/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Provides classes for public key certificates.
+ *
+ * These classes include a simplified version of the
+ * java.security.cert package.  These classes were developed
+ * as part of the Java Secure Socket
+ * Extension (JSSE).  When JSSE was added to the J2SE version 1.4, this
+ * package was added for backward-compatibility reasons only.
+ *
+ * New applications should not use this package, but rather
+ * java.security.cert.
+ *
+ * @since 1.4
+ */
+package javax.security.cert;
--- a/src/share/classes/javax/security/cert/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-
-</head>
-<body bgcolor="white">
-
-Provides classes for public key certificates.
-
-<P>
-
-These classes include a simplified version of the
-java.security.cert package.  These classes were developed
-as part of the Java Secure Socket
-Extension (JSSE).  When JSSE was added to the J2SE version 1.4, this
-package was added for backward-compatibility reasons only.
-
-<P>
-
-New applications should not use this package, but rather
-java.security.cert.
-<!--
-<h2>Package Specification</h2>
-
-##### FILL IN ANY SPECS NEEDED BY JAVA COMPATIBILITY KIT #####
-<ul>
-  <li><a href="">##### REFER TO ANY FRAMEMAKER SPECIFICATION HERE #####</a>
-</ul>
-
-<h2>Related Documentation</h2>
-
-For overviews, tutorials, examples, guides, and tool documentation, please see:
-<ul>
-  <li><a href="">##### REFER TO NON-SPEC DOCUMENTATION HERE #####</a>
-</ul>
-
--->
-
-@since 1.4
-</body>
-</html>
--- a/src/share/classes/javax/security/sasl/AuthenticationException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/AuthenticationException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,7 @@
  */
 public class AuthenticationException extends SaslException {
     /**
-     * Constructs a new instance of <tt>AuthenticationException</tt>.
+     * Constructs a new instance of {@code AuthenticationException}.
      * The root exception and the detailed message are null.
      */
     public AuthenticationException () {
@@ -53,7 +53,7 @@
     }
 
     /**
-     * Constructs a new instance of <tt>AuthenticationException</tt>
+     * Constructs a new instance of {@code AuthenticationException}
      * with a detailed message.
      * The root exception is null.
      * @param detail A possibly null string containing details of the exception.
@@ -65,7 +65,7 @@
     }
 
     /**
-     * Constructs a new instance of <tt>AuthenticationException</tt> with a detailed message
+     * Constructs a new instance of {@code AuthenticationException} with a detailed message
      * and a root exception.
      *
      * @param detail A possibly null string containing details of the exception.
--- a/src/share/classes/javax/security/sasl/AuthorizeCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/AuthorizeCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,7 @@
 import javax.security.auth.callback.Callback;
 
 /**
-  * This callback is used by <tt>SaslServer</tt> to determine whether
+  * This callback is used by {@code SaslServer} to determine whether
   * one entity (identified by an authenticated authentication id)
   * can act on
   * behalf of another entity (identified by an authorization id).
@@ -66,7 +66,7 @@
     private boolean authorized;
 
     /**
-     * Constructs an instance of <tt>AuthorizeCallback</tt>.
+     * Constructs an instance of {@code AuthorizeCallback}.
      *
      * @param authnID   The (authenticated) authentication id.
      * @param authzID   The authorization id.
@@ -96,7 +96,7 @@
      * Determines whether the authentication id is allowed to
      * act on behalf of the authorization id.
      *
-     * @return <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
+     * @return {@code true} if authorization is allowed; {@code false} otherwise
      * @see #setAuthorized(boolean)
      * @see #getAuthorizedID()
      */
@@ -106,7 +106,7 @@
 
     /**
      * Sets whether the authorization is allowed.
-     * @param ok <tt>true</tt> if authorization is allowed; <tt>false</tt> otherwise
+     * @param ok {@code true} if authorization is allowed; {@code false} otherwise
      * @see #isAuthorized
      * @see #setAuthorizedID(java.lang.String)
      */
@@ -116,7 +116,7 @@
 
     /**
      * Returns the id of the authorized user.
-     * @return The id of the authorized user. <tt>null</tt> means the
+     * @return The id of the authorized user. {@code null} means the
      * authorization failed.
      * @see #setAuthorized(boolean)
      * @see #setAuthorizedID(java.lang.String)
--- a/src/share/classes/javax/security/sasl/RealmCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/RealmCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,7 @@
 import javax.security.auth.callback.TextInputCallback;
 
 /**
-  * This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt>
+  * This callback is used by {@code SaslClient} and {@code SaslServer}
   * to retrieve realm information.
   *
   * @since 1.5
@@ -39,10 +39,10 @@
 public class RealmCallback extends TextInputCallback {
 
     /**
-     * Constructs a <tt>RealmCallback</tt> with a prompt.
+     * Constructs a {@code RealmCallback} with a prompt.
      *
      * @param prompt The non-null prompt to use to request the realm information.
-     * @throws IllegalArgumentException If <tt>prompt</tt> is null or
+     * @throws IllegalArgumentException If {@code prompt} is null or
      * the empty string.
      */
     public RealmCallback(String prompt) {
@@ -50,14 +50,14 @@
     }
 
     /**
-     * Constructs a <tt>RealmCallback</tt> with a prompt and default
+     * Constructs a {@code RealmCallback} with a prompt and default
      * realm information.
      *
      * @param prompt The non-null prompt to use to request the realm information.
      * @param defaultRealmInfo The non-null default realm information to use.
-     * @throws IllegalArgumentException If <tt>prompt</tt> is null or
+     * @throws IllegalArgumentException If {@code prompt} is null or
      * the empty string,
-     * or if <tt>defaultRealm</tt> is empty or null.
+     * or if {@code defaultRealm} is empty or null.
      */
     public RealmCallback(String prompt, String defaultRealmInfo) {
         super(prompt, defaultRealmInfo);
--- a/src/share/classes/javax/security/sasl/RealmChoiceCallback.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/RealmChoiceCallback.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,7 @@
 import javax.security.auth.callback.ChoiceCallback;
 
 /**
-  * This callback is used by <tt>SaslClient</tt> and <tt>SaslServer</tt>
+  * This callback is used by {@code SaslClient} and {@code SaslServer}
   * to obtain a realm given a list of realm choices.
   *
   * @since 1.5
@@ -39,19 +39,19 @@
 public class RealmChoiceCallback extends ChoiceCallback {
 
     /**
-     * Constructs a <tt>RealmChoiceCallback</tt> with a prompt, a list of
+     * Constructs a {@code RealmChoiceCallback} with a prompt, a list of
      * choices and a default choice.
      *
      * @param prompt the non-null prompt to use to request the realm.
      * @param choices the non-null list of realms to choose from.
      * @param defaultChoice the choice to be used as the default choice
      * when the list of choices is displayed. It is an index into
-     * the <tt>choices</tt> arary.
+     * the {@code choices} arary.
      * @param multiple true if multiple choices allowed; false otherwise
-     * @throws IllegalArgumentException If <tt>prompt</tt> is null or the empty string,
-     * if <tt>choices</tt> has a length of 0, if any element from
-     * <tt>choices</tt> is null or empty, or if <tt>defaultChoice</tt>
-     * does not fall within the array boundary of <tt>choices</tt>
+     * @throws IllegalArgumentException If {@code prompt} is null or the empty string,
+     * if {@code choices} has a length of 0, if any element from
+     * {@code choices} is null or empty, or if {@code defaultChoice}
+     * does not fall within the array boundary of {@code choices}
      */
     public RealmChoiceCallback(String prompt, String[]choices,
         int defaultChoice, boolean multiple) {
--- a/src/share/classes/javax/security/sasl/Sasl.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/Sasl.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -72,15 +72,15 @@
      * of quality-of-protection values that the
      * client or server is willing to support.  A qop value is one of
      * <ul>
-     * <li><tt>"auth"</tt> - authentication only</li>
-     * <li><tt>"auth-int"</tt> - authentication plus integrity protection</li>
-     * <li><tt>"auth-conf"</tt> - authentication plus integrity and confidentiality
+     * <li>{@code "auth"} - authentication only</li>
+     * <li>{@code "auth-int"} - authentication plus integrity protection</li>
+     * <li>{@code "auth-conf"} - authentication plus integrity and confidentiality
      * protection</li>
      * </ul>
      *
      * The order of the list specifies the preference order of the client or
-     * server. If this property is absent, the default qop is <tt>"auth"</tt>.
-     * The value of this constant is <tt>"javax.security.sasl.qop"</tt>.
+     * server. If this property is absent, the default qop is {@code "auth"}.
+     * The value of this constant is {@code "javax.security.sasl.qop"}.
      */
     public static final String QOP = "javax.security.sasl.qop";
 
@@ -90,9 +90,9 @@
      * of cipher strength values that
      * the client or server is willing to support. A strength value is one of
      * <ul>
-     * <li><tt>"low"</tt></li>
-     * <li><tt>"medium"</tt></li>
-     * <li><tt>"high"</tt></li>
+     * <li>{@code "low"}</li>
+     * <li>{@code "medium"}</li>
+     * <li>{@code "high"}</li>
      * </ul>
      * The order of the list specifies the preference order of the client or
      * server.  An implementation should allow configuration of the meaning
@@ -101,40 +101,40 @@
      * cipher suites that match the strength values.
      * <BR>
      * If this property is absent, the default strength is
-     * <tt>"high,medium,low"</tt>.
-     * The value of this constant is <tt>"javax.security.sasl.strength"</tt>.
+     * {@code "high,medium,low"}.
+     * The value of this constant is {@code "javax.security.sasl.strength"}.
      */
     public static final String STRENGTH = "javax.security.sasl.strength";
 
     /**
      * The name of a property that specifies whether the
      * server must authenticate to the client. The property contains
-     * <tt>"true"</tt> if the server must
-     * authenticate the to client; <tt>"false"</tt> otherwise.
-     * The default is <tt>"false"</tt>.
+     * {@code "true"} if the server must
+     * authenticate the to client; {@code "false"} otherwise.
+     * The default is {@code "false"}.
      * <br>The value of this constant is
-     * <tt>"javax.security.sasl.server.authentication"</tt>.
+     * {@code "javax.security.sasl.server.authentication"}.
      */
     public static final String SERVER_AUTH =
     "javax.security.sasl.server.authentication";
 
     /**
      * The name of a property that specifies the maximum size of the receive
-     * buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>.
+     * buffer in bytes of {@code SaslClient}/{@code SaslServer}.
      * The property contains the string representation of an integer.
      * <br>If this property is absent, the default size
      * is defined by the mechanism.
-     * <br>The value of this constant is <tt>"javax.security.sasl.maxbuffer"</tt>.
+     * <br>The value of this constant is {@code "javax.security.sasl.maxbuffer"}.
      */
     public static final String MAX_BUFFER = "javax.security.sasl.maxbuffer";
 
     /**
      * The name of a property that specifies the maximum size of the raw send
-     * buffer in bytes of <tt>SaslClient</tt>/<tt>SaslServer</tt>.
+     * buffer in bytes of {@code SaslClient}/{@code SaslServer}.
      * The property contains the string representation of an integer.
      * The value of this property is negotiated between the client and server
      * during the authentication exchange.
-     * <br>The value of this constant is <tt>"javax.security.sasl.rawsendsize"</tt>.
+     * <br>The value of this constant is {@code "javax.security.sasl.rawsendsize"}.
      */
     public static final String RAW_SEND_SIZE = "javax.security.sasl.rawsendsize";
 
@@ -169,11 +169,11 @@
      * The name of a property that specifies
      * whether mechanisms susceptible to simple plain passive attacks (e.g.,
      * "PLAIN") are not permitted. The property
-     * contains <tt>"true"</tt> if such mechanisms are not permitted;
-     * <tt>"false"</tt> if such mechanisms are permitted.
-     * The default is <tt>"false"</tt>.
+     * contains {@code "true"} if such mechanisms are not permitted;
+     * {@code "false"} if such mechanisms are permitted.
+     * The default is {@code "false"}.
      * <br>The value of this constant is
-     * <tt>"javax.security.sasl.policy.noplaintext"</tt>.
+     * {@code "javax.security.sasl.policy.noplaintext"}.
      */
     public static final String POLICY_NOPLAINTEXT =
     "javax.security.sasl.policy.noplaintext";
@@ -182,12 +182,12 @@
      * The name of a property that specifies whether
      * mechanisms susceptible to active (non-dictionary) attacks
      * are not permitted.
-     * The property contains <tt>"true"</tt>
+     * The property contains {@code "true"}
      * if mechanisms susceptible to active attacks
-     * are not permitted; <tt>"false"</tt> if such mechanisms are permitted.
-     * The default is <tt>"false"</tt>.
+     * are not permitted; {@code "false"} if such mechanisms are permitted.
+     * The default is {@code "false"}.
      * <br>The value of this constant is
-     * <tt>"javax.security.sasl.policy.noactive"</tt>.
+     * {@code "javax.security.sasl.policy.noactive"}.
      */
     public static final String POLICY_NOACTIVE =
     "javax.security.sasl.policy.noactive";
@@ -195,26 +195,26 @@
     /**
      * The name of a property that specifies whether
      * mechanisms susceptible to passive dictionary attacks are not permitted.
-     * The property contains <tt>"true"</tt>
+     * The property contains {@code "true"}
      * if mechanisms susceptible to dictionary attacks are not permitted;
-     * <tt>"false"</tt> if such mechanisms are permitted.
-     * The default is <tt>"false"</tt>.
+     * {@code "false"} if such mechanisms are permitted.
+     * The default is {@code "false"}.
      *<br>
      * The value of this constant is
-     * <tt>"javax.security.sasl.policy.nodictionary"</tt>.
+     * {@code "javax.security.sasl.policy.nodictionary"}.
      */
     public static final String POLICY_NODICTIONARY =
     "javax.security.sasl.policy.nodictionary";
 
     /**
      * The name of a property that specifies whether mechanisms that accept
-     * anonymous login are not permitted. The property contains <tt>"true"</tt>
+     * anonymous login are not permitted. The property contains {@code "true"}
      * if mechanisms that accept anonymous login are not permitted;
-     * <tt>"false"</tt>
-     * if such mechanisms are permitted. The default is <tt>"false"</tt>.
+     * {@code "false"}
+     * if such mechanisms are permitted. The default is {@code "false"}.
      *<br>
      * The value of this constant is
-     * <tt>"javax.security.sasl.policy.noanonymous"</tt>.
+     * {@code "javax.security.sasl.policy.noanonymous"}.
      */
     public static final String POLICY_NOANONYMOUS =
     "javax.security.sasl.policy.noanonymous";
@@ -225,12 +225,12 @@
       * means that breaking into one session will not automatically
       * provide information for breaking into future sessions.
       * The property
-      * contains <tt>"true"</tt> if mechanisms that implement forward secrecy
-      * between sessions are required; <tt>"false"</tt> if such mechanisms
-      * are not required. The default is <tt>"false"</tt>.
+      * contains {@code "true"} if mechanisms that implement forward secrecy
+      * between sessions are required; {@code "false"} if such mechanisms
+      * are not required. The default is {@code "false"}.
       *<br>
       * The value of this constant is
-      * <tt>"javax.security.sasl.policy.forward"</tt>.
+      * {@code "javax.security.sasl.policy.forward"}.
       */
     public static final String POLICY_FORWARD_SECRECY =
     "javax.security.sasl.policy.forward";
@@ -238,12 +238,12 @@
     /**
      * The name of a property that specifies whether
      * mechanisms that pass client credentials are required. The property
-     * contains <tt>"true"</tt> if mechanisms that pass
-     * client credentials are required; <tt>"false"</tt>
-     * if such mechanisms are not required. The default is <tt>"false"</tt>.
+     * contains {@code "true"} if mechanisms that pass
+     * client credentials are required; {@code "false"}
+     * if such mechanisms are not required. The default is {@code "false"}.
      *<br>
      * The value of this constant is
-     * <tt>"javax.security.sasl.policy.credentials"</tt>.
+     * {@code "javax.security.sasl.policy.credentials"}.
      */
     public static final String POLICY_PASS_CREDENTIALS =
     "javax.security.sasl.policy.credentials";
@@ -257,38 +257,38 @@
      * supports delegated authentication.
      *<br>
      * The value of this constant is
-     * <tt>"javax.security.sasl.credentials"</tt>.
+     * {@code "javax.security.sasl.credentials"}.
      */
     public static final String CREDENTIALS = "javax.security.sasl.credentials";
 
     /**
-     * Creates a <tt>SaslClient</tt> using the parameters supplied.
+     * Creates a {@code SaslClient} using the parameters supplied.
      *
      * This method uses the
 <a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>, described in the
      * "Java Cryptography Architecture API Specification & Reference", for
-     * locating and selecting a <tt>SaslClient</tt> implementation.
+     * locating and selecting a {@code SaslClient} implementation.
      *
      * First, it
-     * obtains an ordered list of <tt>SaslClientFactory</tt> instances from
+     * obtains an ordered list of {@code SaslClientFactory} instances from
      * the registered security providers for the "SaslClientFactory" service
      * and the specified SASL mechanism(s). It then invokes
-     * <tt>createSaslClient()</tt> on each factory instance on the list
-     * until one produces a non-null <tt>SaslClient</tt> instance. It returns
-     * the non-null <tt>SaslClient</tt> instance, or null if the search fails
-     * to produce a non-null <tt>SaslClient</tt> instance.
+     * {@code createSaslClient()} on each factory instance on the list
+     * until one produces a non-null {@code SaslClient} instance. It returns
+     * the non-null {@code SaslClient} instance, or null if the search fails
+     * to produce a non-null {@code SaslClient} instance.
      *<p>
      * A security provider for SaslClientFactory registers with the
      * JCA Security Provider Framework keys of the form <br>
-     * <tt>SaslClientFactory.<em>mechanism_name</em></tt>
+     * {@code SaslClientFactory.}<em>{@code mechanism_name}</em>
      * <br>
      * and values that are class names of implementations of
-     * <tt>javax.security.sasl.SaslClientFactory</tt>.
+     * {@code javax.security.sasl.SaslClientFactory}.
      *
      * For example, a provider that contains a factory class,
-     * <tt>com.wiz.sasl.digest.ClientFactory</tt>, that supports the
+     * {@code com.wiz.sasl.digest.ClientFactory}, that supports the
      * "DIGEST-MD5" mechanism would register the following entry with the JCA:
-     * <tt>SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory</tt>
+     * {@code SaslClientFactory.DIGEST-MD5 com.wiz.sasl.digest.ClientFactory}
      *<p>
      * See the
      * "Java Cryptography Architecture API Specification & Reference"
@@ -313,9 +313,9 @@
      * @param props The possibly null set of properties used to
      * select the SASL mechanism and to configure the authentication
      * exchange of the selected mechanism.
-     * For example, if <tt>props</tt> contains the
-     * <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value
-     * <tt>"true"</tt>, then the selected
+     * For example, if {@code props} contains the
+     * {@code Sasl.POLICY_NOPLAINTEXT} property with the value
+     * {@code "true"}, then the selected
      * SASL mechanism must not be susceptible to simple plain passive attacks.
      * In addition to the standard properties declared in this class,
      * other, possibly mechanism-specific, properties can be included.
@@ -326,16 +326,16 @@
      * mechanisms to get further information from the application/library
      * to complete the authentication. For example, a SASL mechanism might
      * require the authentication ID, password and realm from the caller.
-     * The authentication ID is requested by using a <tt>NameCallback</tt>.
-     * The password is requested by using a <tt>PasswordCallback</tt>.
-     * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
-     * of realms to choose from, and by using a <tt>RealmCallback</tt> if
+     * The authentication ID is requested by using a {@code NameCallback}.
+     * The password is requested by using a {@code PasswordCallback}.
+     * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
+     * of realms to choose from, and by using a {@code RealmCallback} if
      * the realm must be entered.
      *
-     *@return A possibly null <tt>SaslClient</tt> created using the parameters
-     * supplied. If null, cannot find a <tt>SaslClientFactory</tt>
+     *@return A possibly null {@code SaslClient} created using the parameters
+     * supplied. If null, cannot find a {@code SaslClientFactory}
      * that will produce one.
-     *@exception SaslException If cannot create a <tt>SaslClient</tt> because
+     *@exception SaslException If cannot create a {@code SaslClient} because
      * of an error.
      */
     public static SaslClient createSaslClient(
@@ -411,34 +411,34 @@
 
 
     /**
-     * Creates a <tt>SaslServer</tt> for the specified mechanism.
+     * Creates a {@code SaslServer} for the specified mechanism.
      *
      * This method uses the
 <a href="{@docRoot}/../technotes/guides/security/crypto/CryptoSpec.html#Provider">JCA Security Provider Framework</a>,
      * described in the
      * "Java Cryptography Architecture API Specification & Reference", for
-     * locating and selecting a <tt>SaslServer</tt> implementation.
+     * locating and selecting a {@code SaslServer} implementation.
      *
      * First, it
-     * obtains an ordered list of <tt>SaslServerFactory</tt> instances from
+     * obtains an ordered list of {@code SaslServerFactory} instances from
      * the registered security providers for the "SaslServerFactory" service
      * and the specified mechanism. It then invokes
-     * <tt>createSaslServer()</tt> on each factory instance on the list
-     * until one produces a non-null <tt>SaslServer</tt> instance. It returns
-     * the non-null <tt>SaslServer</tt> instance, or null if the search fails
-     * to produce a non-null <tt>SaslServer</tt> instance.
+     * {@code createSaslServer()} on each factory instance on the list
+     * until one produces a non-null {@code SaslServer} instance. It returns
+     * the non-null {@code SaslServer} instance, or null if the search fails
+     * to produce a non-null {@code SaslServer} instance.
      *<p>
      * A security provider for SaslServerFactory registers with the
      * JCA Security Provider Framework keys of the form <br>
-     * <tt>SaslServerFactory.<em>mechanism_name</em></tt>
+     * {@code SaslServerFactory.}<em>{@code mechanism_name}</em>
      * <br>
      * and values that are class names of implementations of
-     * <tt>javax.security.sasl.SaslServerFactory</tt>.
+     * {@code javax.security.sasl.SaslServerFactory}.
      *
      * For example, a provider that contains a factory class,
-     * <tt>com.wiz.sasl.digest.ServerFactory</tt>, that supports the
+     * {@code com.wiz.sasl.digest.ServerFactory}, that supports the
      * "DIGEST-MD5" mechanism would register the following entry with the JCA:
-     * <tt>SaslServerFactory.DIGEST-MD5  com.wiz.sasl.digest.ServerFactory</tt>
+     * {@code SaslServerFactory.DIGEST-MD5  com.wiz.sasl.digest.ServerFactory}
      *<p>
      * See the
      * "Java Cryptography Architecture API Specification & Reference"
@@ -453,9 +453,9 @@
      * @param props The possibly null set of properties used to
      * select the SASL mechanism and to configure the authentication
      * exchange of the selected mechanism.
-     * For example, if <tt>props</tt> contains the
-     * <code>Sasl.POLICY_NOPLAINTEXT</code> property with the value
-     * <tt>"true"</tt>, then the selected
+     * For example, if {@code props} contains the
+     * {@code Sasl.POLICY_NOPLAINTEXT} property with the value
+     * {@code "true"}, then the selected
      * SASL mechanism must not be susceptible to simple plain passive attacks.
      * In addition to the standard properties declared in this class,
      * other, possibly mechanism-specific, properties can be included.
@@ -466,16 +466,16 @@
      * mechanisms to get further information from the application/library
      * to complete the authentication. For example, a SASL mechanism might
      * require the authentication ID, password and realm from the caller.
-     * The authentication ID is requested by using a <tt>NameCallback</tt>.
-     * The password is requested by using a <tt>PasswordCallback</tt>.
-     * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
-     * of realms to choose from, and by using a <tt>RealmCallback</tt> if
+     * The authentication ID is requested by using a {@code NameCallback}.
+     * The password is requested by using a {@code PasswordCallback}.
+     * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
+     * of realms to choose from, and by using a {@code RealmCallback} if
      * the realm must be entered.
      *
-     *@return A possibly null <tt>SaslServer</tt> created using the parameters
-     * supplied. If null, cannot find a <tt>SaslServerFactory</tt>
+     *@return A possibly null {@code SaslServer} created using the parameters
+     * supplied. If null, cannot find a {@code SaslServerFactory}
      * that will produce one.
-     *@exception SaslException If cannot create a <tt>SaslServer</tt> because
+     *@exception SaslException If cannot create a {@code SaslServer} because
      * of an error.
      **/
     public static SaslServer
@@ -518,11 +518,11 @@
     }
 
     /**
-     * Gets an enumeration of known factories for producing <tt>SaslClient</tt>.
+     * Gets an enumeration of known factories for producing {@code SaslClient}.
      * This method uses the same algorithm for locating factories as
-     * <tt>createSaslClient()</tt>.
+     * {@code createSaslClient()}.
      * @return A non-null enumeration of known factories for producing
-     * <tt>SaslClient</tt>.
+     * {@code SaslClient}.
      * @see #createSaslClient
      */
     public static Enumeration<SaslClientFactory> getSaslClientFactories() {
@@ -539,11 +539,11 @@
     }
 
     /**
-     * Gets an enumeration of known factories for producing <tt>SaslServer</tt>.
+     * Gets an enumeration of known factories for producing {@code SaslServer}.
      * This method uses the same algorithm for locating factories as
-     * <tt>createSaslServer()</tt>.
+     * {@code createSaslServer()}.
      * @return A non-null enumeration of known factories for producing
-     * <tt>SaslServer</tt>.
+     * {@code SaslServer}.
      * @see #createSaslServer
      */
     public static Enumeration<SaslServerFactory> getSaslServerFactories() {
--- a/src/share/classes/javax/security/sasl/SaslClient.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/SaslClient.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,14 +30,14 @@
  *<p>
  * A protocol library such as one for LDAP gets an instance of this
  * class in order to perform authentication defined by a specific SASL
- * mechanism. Invoking methods on the <tt>SaslClient</tt> instance
+ * mechanism. Invoking methods on the {@code SaslClient} instance
  * process challenges and create responses according to the SASL
- * mechanism implemented by the <tt>SaslClient</tt>.
+ * mechanism implemented by the {@code SaslClient}.
  * As the authentication proceeds, the instance
  * encapsulates the state of a SASL client's authentication exchange.
  *<p>
- * Here's an example of how an LDAP library might use a <tt>SaslClient</tt>.
- * It first gets an instance of a <tt>SaslClient</tt>:
+ * Here's an example of how an LDAP library might use a {@code SaslClient}.
+ * It first gets an instance of a {@code SaslClient}:
  *<blockquote><pre>
  * SaslClient sc = Sasl.createSaslClient(mechanisms,
  *     authorizationId, protocol, serverName, props, callbackHandler);
@@ -77,16 +77,16 @@
  *</pre></blockquote>
  *
  * If the mechanism has an initial response, the library invokes
- * <tt>evaluateChallenge()</tt> with an empty
+ * {@code evaluateChallenge()} with an empty
  * challenge and to get initial response.
  * Protocols such as IMAP4, which do not include an initial response with
  * their first authentication command to the server, initiates the
- * authentication without first calling <tt>hasInitialResponse()</tt>
- * or <tt>evaluateChallenge()</tt>.
+ * authentication without first calling {@code hasInitialResponse()}
+ * or {@code evaluateChallenge()}.
  * When the server responds to the command, it sends an initial challenge.
  * For a SASL mechanism in which the client sends data first, the server should
  * have issued a challenge with no data. This will then result in a call
- * (on the client) to <tt>evaluateChallenge()</tt> with an empty challenge.
+ * (on the client) to {@code evaluateChallenge()} with an empty challenge.
  *
  * @since 1.5
  *
@@ -107,7 +107,7 @@
 
     /**
      * Determines whether this mechanism has an optional initial response.
-     * If true, caller should call <tt>evaluateChallenge()</tt> with an
+     * If true, caller should call {@code evaluateChallenge()} with an
      * empty array to get the initial response.
      *
      * @return true if this mechanism has an initial response.
@@ -148,22 +148,22 @@
     /**
      * Unwraps a byte array received from the server.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true) and only if
+     * completed (i.e., when {@code isComplete()} returns true) and only if
      * the authentication exchange has negotiated integrity and/or privacy
      * as the quality of protection; otherwise, an
-     * <tt>IllegalStateException</tt> is thrown.
+     * {@code IllegalStateException} is thrown.
      *<p>
-     * <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222
+     * {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
      * without the leading four octet field that represents the length.
-     * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt>
+     * {@code offset} and {@code len} specify the portion of {@code incoming}
      * to use.
      *
      * @param incoming A non-null byte array containing the encoded bytes
      *                from the server.
-     * @param offset The starting position at <tt>incoming</tt> of the bytes to use.
-     * @param len The number of bytes from <tt>incoming</tt> to use.
+     * @param offset The starting position at {@code incoming} of the bytes to use.
+     * @param len The number of bytes from {@code incoming} to use.
      * @return A non-null byte array containing the decoded bytes.
-     * @exception SaslException if <tt>incoming</tt> cannot be successfully
+     * @exception SaslException if {@code incoming} cannot be successfully
      * unwrapped.
      * @exception IllegalStateException if the authentication exchange has
      * not completed, or  if the negotiated quality of protection
@@ -175,22 +175,22 @@
     /**
      * Wraps a byte array to be sent to the server.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true) and only if
+     * completed (i.e., when {@code isComplete()} returns true) and only if
      * the authentication exchange has negotiated integrity and/or privacy
      * as the quality of protection; otherwise, an
-     * <tt>IllegalStateException</tt> is thrown.
+     * {@code IllegalStateException} is thrown.
      *<p>
      * The result of this method will make up the contents of the SASL buffer
      * as defined in RFC 2222 without the leading four octet field that
      * represents the length.
-     * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt>
+     * {@code offset} and {@code len} specify the portion of {@code outgoing}
      * to use.
      *
      * @param outgoing A non-null byte array containing the bytes to encode.
-     * @param offset The starting position at <tt>outgoing</tt> of the bytes to use.
-     * @param len The number of bytes from <tt>outgoing</tt> to use.
+     * @param offset The starting position at {@code outgoing} of the bytes to use.
+     * @param len The number of bytes from {@code outgoing} to use.
      * @return A non-null byte array containing the encoded bytes.
-     * @exception SaslException if <tt>outgoing</tt> cannot be successfully
+     * @exception SaslException if {@code outgoing} cannot be successfully
      * wrapped.
      * @exception IllegalStateException if the authentication exchange has
      * not completed, or if the negotiated quality of protection
@@ -202,8 +202,8 @@
     /**
      * Retrieves the negotiated property.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an
-     * <tt>IllegalStateException</tt> is thrown.
+     * completed (i.e., when {@code isComplete()} returns true); otherwise, an
+     * {@code IllegalStateException} is thrown.
      *
      * @param propName The non-null property name.
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/security/sasl/SaslClientFactory.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/SaslClientFactory.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,16 +29,16 @@
 import javax.security.auth.callback.CallbackHandler;
 
 /**
- * An interface for creating instances of <tt>SaslClient</tt>.
+ * An interface for creating instances of {@code SaslClient}.
  * A class that implements this interface
  * must be thread-safe and handle multiple simultaneous
  * requests. It must also have a public constructor that accepts no
  * argument.
  *<p>
  * This interface is not normally accessed directly by a client, which will use the
- * <tt>Sasl</tt> static methods
+ * {@code Sasl} static methods
  * instead. However, a particular environment may provide and install a
- * new or different <tt>SaslClientFactory</tt>.
+ * new or different {@code SaslClientFactory}.
  *
  * @since 1.5
  *
@@ -66,7 +66,7 @@
      * of the server to authenticate to.
      * @param props The possibly null set of properties used to select the SASL
      * mechanism and to configure the authentication exchange of the selected
-     * mechanism. See the <tt>Sasl</tt> class for a list of standard properties.
+     * mechanism. See the {@code Sasl} class for a list of standard properties.
      * Other, possibly mechanism-specific, properties can be included.
      * Properties not relevant to the selected mechanism are ignored,
      * including any map entries with non-String keys.
@@ -75,16 +75,16 @@
      * mechanisms to get further information from the application/library
      * to complete the authentication. For example, a SASL mechanism might
      * require the authentication ID, password and realm from the caller.
-     * The authentication ID is requested by using a <tt>NameCallback</tt>.
-     * The password is requested by using a <tt>PasswordCallback</tt>.
-     * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
-     * of realms to choose from, and by using a <tt>RealmCallback</tt> if
+     * The authentication ID is requested by using a {@code NameCallback}.
+     * The password is requested by using a {@code PasswordCallback}.
+     * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
+     * of realms to choose from, and by using a {@code RealmCallback} if
      * the realm must be entered.
      *
-     *@return A possibly null <tt>SaslClient</tt> created using the parameters
-     * supplied. If null, this factory cannot produce a <tt>SaslClient</tt>
+     *@return A possibly null {@code SaslClient} created using the parameters
+     * supplied. If null, this factory cannot produce a {@code SaslClient}
      * using the parameters supplied.
-     *@exception SaslException If cannot create a <tt>SaslClient</tt> because
+     *@exception SaslException If cannot create a {@code SaslClient} because
      * of an error.
      */
     public abstract SaslClient createSaslClient(
@@ -99,12 +99,12 @@
      * Returns an array of names of mechanisms that match the specified
      * mechanism selection policies.
      * @param props The possibly null set of properties used to specify the
-     * security policy of the SASL mechanisms. For example, if <tt>props</tt>
-     * contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value
-     * <tt>"true"</tt>, then the factory must not return any SASL mechanisms
+     * security policy of the SASL mechanisms. For example, if {@code props}
+     * contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
+     * {@code "true"}, then the factory must not return any SASL mechanisms
      * that are susceptible to simple plain passive attacks.
-     * See the <tt>Sasl</tt> class for a complete list of policy properties.
-     * Non-policy related properties, if present in <tt>props</tt>, are ignored,
+     * See the {@code Sasl} class for a complete list of policy properties.
+     * Non-policy related properties, if present in {@code props}, are ignored,
      * including any map entries with non-String keys.
      * @return A non-null array containing a IANA-registered SASL mechanism names.
      */
--- a/src/share/classes/javax/security/sasl/SaslException.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/SaslException.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,7 @@
     private Throwable _exception;
 
     /**
-     * Constructs a new instance of <tt>SaslException</tt>.
+     * Constructs a new instance of {@code SaslException}.
      * The root exception and the detailed message are null.
      */
     public SaslException () {
@@ -53,7 +53,7 @@
     }
 
     /**
-     * Constructs a new instance of <tt>SaslException</tt> with a detailed message.
+     * Constructs a new instance of {@code SaslException} with a detailed message.
      * The root exception is null.
      * @param detail A possibly null string containing details of the exception.
      *
@@ -64,7 +64,7 @@
     }
 
     /**
-     * Constructs a new instance of <tt>SaslException</tt> with a detailed message
+     * Constructs a new instance of {@code SaslException} with a detailed message
      * and a root exception.
      * For example, a SaslException might result from a problem with
      * the callback handler, which might throw a NoSuchCallbackException if
--- a/src/share/classes/javax/security/sasl/SaslServer.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/SaslServer.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,14 +30,14 @@
  *<p>
  * A server such an LDAP server gets an instance of this
  * class in order to perform authentication defined by a specific SASL
- * mechanism. Invoking methods on the <tt>SaslServer</tt> instance
+ * mechanism. Invoking methods on the {@code SaslServer} instance
  * generates challenges according to the SASL
- * mechanism implemented by the <tt>SaslServer</tt>.
+ * mechanism implemented by the {@code SaslServer}.
  * As the authentication proceeds, the instance
  * encapsulates the state of a SASL server's authentication exchange.
  *<p>
- * Here's an example of how an LDAP server might use a <tt>SaslServer</tt>.
- * It first gets an instance of a <tt>SaslServer</tt> for the SASL mechanism
+ * Here's an example of how an LDAP server might use a {@code SaslServer}.
+ * It first gets an instance of a {@code SaslServer} for the SASL mechanism
  * requested by the client:
  *<blockquote><pre>
  * SaslServer ss = Sasl.createSaslServer(mechanism,
@@ -104,8 +104,8 @@
      * to the client. It is non-null if the authentication must be continued
      * by sending a challenge to the client, or if the authentication has
      * succeeded but challenge data needs to be processed by the client.
-     * <tt>isComplete()</tt> should be called
-     * after each call to <tt>evaluateResponse()</tt>,to determine if any further
+     * {@code isComplete()} should be called
+     * after each call to {@code evaluateResponse()},to determine if any further
      * response is needed from the client.
      *
      * @param response The non-null (but possibly empty) response sent
@@ -123,7 +123,7 @@
     /**
       * Determines whether the authentication exchange has completed.
       * This method is typically called after each invocation of
-      * <tt>evaluateResponse()</tt> to determine whether the
+      * {@code evaluateResponse()} to determine whether the
       * authentication has completed successfully or should be continued.
       * @return true if the authentication exchange has completed; false otherwise.
       */
@@ -141,22 +141,22 @@
     /**
      * Unwraps a byte array received from the client.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true) and only if
+     * completed (i.e., when {@code isComplete()} returns true) and only if
      * the authentication exchange has negotiated integrity and/or privacy
      * as the quality of protection; otherwise,
-     * an <tt>IllegalStateException</tt> is thrown.
+     * an {@code IllegalStateException} is thrown.
      *<p>
-     * <tt>incoming</tt> is the contents of the SASL buffer as defined in RFC 2222
+     * {@code incoming} is the contents of the SASL buffer as defined in RFC 2222
      * without the leading four octet field that represents the length.
-     * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>incoming</tt>
+     * {@code offset} and {@code len} specify the portion of {@code incoming}
      * to use.
      *
      * @param incoming A non-null byte array containing the encoded bytes
      *                from the client.
-     * @param offset The starting position at <tt>incoming</tt> of the bytes to use.
-     * @param len The number of bytes from <tt>incoming</tt> to use.
+     * @param offset The starting position at {@code incoming} of the bytes to use.
+     * @param len The number of bytes from {@code incoming} to use.
      * @return A non-null byte array containing the decoded bytes.
-     * @exception SaslException if <tt>incoming</tt> cannot be successfully
+     * @exception SaslException if {@code incoming} cannot be successfully
      * unwrapped.
      * @exception IllegalStateException if the authentication exchange has
      * not completed, or if the negotiated quality of protection
@@ -168,21 +168,21 @@
     /**
      * Wraps a byte array to be sent to the client.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true) and only if
+     * completed (i.e., when {@code isComplete()} returns true) and only if
      * the authentication exchange has negotiated integrity and/or privacy
-     * as the quality of protection; otherwise, a <tt>SaslException</tt> is thrown.
+     * as the quality of protection; otherwise, a {@code SaslException} is thrown.
      *<p>
      * The result of this method
      * will make up the contents of the SASL buffer as defined in RFC 2222
      * without the leading four octet field that represents the length.
-     * <tt>offset</tt> and <tt>len</tt> specify the portion of <tt>outgoing</tt>
+     * {@code offset} and {@code len} specify the portion of {@code outgoing}
      * to use.
      *
      * @param outgoing A non-null byte array containing the bytes to encode.
-     * @param offset The starting position at <tt>outgoing</tt> of the bytes to use.
-     * @param len The number of bytes from <tt>outgoing</tt> to use.
+     * @param offset The starting position at {@code outgoing} of the bytes to use.
+     * @param len The number of bytes from {@code outgoing} to use.
      * @return A non-null byte array containing the encoded bytes.
-     * @exception SaslException if <tt>outgoing</tt> cannot be successfully
+     * @exception SaslException if {@code outgoing} cannot be successfully
      * wrapped.
      * @exception IllegalStateException if the authentication exchange has
      * not completed, or if the negotiated quality of protection has
@@ -194,8 +194,8 @@
     /**
      * Retrieves the negotiated property.
      * This method can be called only after the authentication exchange has
-     * completed (i.e., when <tt>isComplete()</tt> returns true); otherwise, an
-     * <tt>IllegalStateException</tt> is thrown.
+     * completed (i.e., when {@code isComplete()} returns true); otherwise, an
+     * {@code IllegalStateException} is thrown.
      *
      * @param propName the property
      * @return The value of the negotiated property. If null, the property was
--- a/src/share/classes/javax/security/sasl/SaslServerFactory.java	Mon Jan 23 17:53:32 2017 +0000
+++ b/src/share/classes/javax/security/sasl/SaslServerFactory.java	Mon Jan 23 20:14:27 2017 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,16 +29,16 @@
 import javax.security.auth.callback.CallbackHandler;
 
 /**
- * An interface for creating instances of <tt>SaslServer</tt>.
+ * An interface for creating instances of {@code SaslServer}.
  * A class that implements this interface
  * must be thread-safe and handle multiple simultaneous
  * requests. It must also have a public constructor that accepts no
  * argument.
  *<p>
  * This interface is not normally accessed directly by a server, which will use the
- * <tt>Sasl</tt> static methods
+ * {@code Sasl} static methods
  * instead. However, a particular environment may provide and install a
- * new or different <tt>SaslServerFactory</tt>.
+ * new or different {@code SaslServerFactory}.
  *
  * @since 1.5
  *
@@ -50,10 +50,10 @@
  */
 public abstract interface SaslServerFactory {
     /**
-     * Creates a <tt>SaslServer</tt> using the parameters supplied.
+     * Creates a {@code SaslServer} using the parameters supplied.
      * It returns null
-     * if no <tt>SaslServer</tt> can be created using the parameters supplied.
-     * Throws <tt>SaslException</tt> if it cannot create a <tt>SaslServer</tt>
+     * if no {@code SaslServer} can be created using the parameters supplied.
+     * Throws {@code SaslException} if it cannot create a {@code SaslServer}
      * because of an error.
      *
      * @param mechanism The non-null
@@ -64,7 +64,7 @@
      * to authenticate to.
      * @param props The possibly null set of properties used to select the SASL
      * mechanism and to configure the authentication exchange of the selected
-     * mechanism. See the <tt>Sasl</tt> class for a list of standard properties.
+     * mechanism. See the {@code Sasl} class for a list of standard properties.
      * Other, possibly mechanism-specific, properties can be included.
      * Properties not relevant to the selected mechanism are ignored,
      * including any map entries with non-String keys.
@@ -73,16 +73,16 @@
      * mechanisms to get further information from the application/library
      * to complete the authentication. For example, a SASL mechanism might
      * require the authentication ID, password and realm from the caller.
-     * The authentication ID is requested by using a <tt>NameCallback</tt>.
-     * The password is requested by using a <tt>PasswordCallback</tt>.
-     * The realm is requested by using a <tt>RealmChoiceCallback</tt> if there is a list
-     * of realms to choose from, and by using a <tt>RealmCallback</tt> if
+     * The authentication ID is requested by using a {@code NameCallback}.
+     * The password is requested by using a {@code PasswordCallback}.
+     * The realm is requested by using a {@code RealmChoiceCallback} if there is a list
+     * of realms to choose from, and by using a {@code RealmCallback} if
      * the realm must be entered.
      *
-     *@return A possibly null <tt>SaslServer</tt> created using the parameters
-     * supplied. If null, this factory cannot produce a <tt>SaslServer</tt>
+     *@return A possibly null {@code SaslServer} created using the parameters
+     * supplied. If null, this factory cannot produce a {@code SaslServer}
      * using the parameters supplied.
-     *@exception SaslException If cannot create a <tt>SaslServer</tt> because
+     *@exception SaslException If cannot create a {@code SaslServer} because
      * of an error.
      */
     public abstract SaslServer createSaslServer(
@@ -96,12 +96,12 @@
      * Returns an array of names of mechanisms that match the specified
      * mechanism selection policies.
      * @param props The possibly null set of properties used to specify the
-     * security policy of the SASL mechanisms. For example, if <tt>props</tt>
-     * contains the <tt>Sasl.POLICY_NOPLAINTEXT</tt> property with the value
-     * <tt>"true"</tt>, then the factory must not return any SASL mechanisms
+     * security policy of the SASL mechanisms. For example, if {@code props}
+     * contains the {@code Sasl.POLICY_NOPLAINTEXT} property with the value
+     * {@code "true"}, then the factory must not return any SASL mechanisms
      * that are susceptible to simple plain passive attacks.
-     * See the <tt>Sasl</tt> class for a complete list of policy properties.
-     * Non-policy related properties, if present in <tt>props</tt>, are ignored,
+     * See the {@code Sasl} class for a complete list of policy properties.
+     * Non-policy related properties, if present in {@code props}, are ignored,
      * including any map entries with non-String keys.
      * @return A non-null array containing a IANA-registered SASL mechanism names.
      */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/javax/security/sasl/package-info.java	Mon Jan 23 20:14:27 2017 +0000
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * Contains class and interfaces for supporting SASL.
+ *
+ * This package defines classes and interfaces for SASL mechanisms.
+ * It is used by developers to add authentication support for
+ * connection-based protocols that use SASL.
+ *
+ * <h3>SASL Overview</h3>
+ *
+ * Simple Authentication and Security Layer (SASL) specifies a
+ * challenge-response protocol in which data is exchanged between the
+ * client and the server for the purposes of
+ * authentication and (optional) establishment of a security layer on
+ * which to carry on subsequent communications.  It is used with
+ * connection-based protocols such as LDAPv3 or IMAPv4.  SASL is
+ * described in
+ * <A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
+ *
+ *
+ * There are various <em>mechanisms</em> defined for SASL.
+ * Each mechanism defines the data that must be exchanged between the
+ * client and server in order for the authentication to succeed.
+ * This data exchange required for a particular mechanism is referred to
+ * to as its <em>protocol profile</em>.
+ * The following are some examples of mechanisms that have been defined by
+ * the Internet standards community.
+ * <ul>
+ * <li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
+ * This mechanism defines how HTTP Digest Authentication can be used as a SASL
+ * mechanism.
+ * <li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
+ * This mechanism is anonymous authentication in which no credentials are
+ * necessary.
+ * <li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
+ * This mechanism obtains authentication information
+ * from an external source (such as TLS or IPsec).
+ * <li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
+ * This mechanism uses the MD4 digest algorithm to exchange data based on
+ * a shared secret.
+ * <li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
+ * This mechanism uses the
+ * <A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
+ * for obtaining authentication information.
+ * </ul>
+ *
+ * Some of these mechanisms provide both authentication and establishment
+ * of a security layer, others only authentication.  Anonymous and
+ * S/Key do not provide for any security layers.  GSSAPI and DIGEST-MD5
+ * allow negotiation of the security layer.  For External, the
+ * security layer is determined by the external protocol.
+ *
+ * <h3>Usage</h3>
+ *
+ * Users of this API are typically developers who produce
+ * client library implementations for connection-based protocols,
+ * such as LDAPv3 and IMAPv4,
+ * and developers who write servers (such as LDAP servers and IMAP servers).
+ * Developers who write client libraries use the
+ * {@code SaslClient} and {@code SaslClientFactory} interfaces.
+ * Developers who write servers use the
+ * {@code SaslServer} and {@code SaslServerFactory} interfaces.
+ *
+ * Among these two groups of users, each can be further divided into two groups:
+ * those who <em>produce</em> the SASL mechanisms and those
+ * who <em>use</em> the SASL mechanisms.
+ * The producers of SASL mechanisms need to provide implementations
+ * for these interfaces, while users of the SASL mechanisms use
+ * the APIs in this package to access those implementations.
+ *
+ * <h2>Related Documentation</h2>
+ *
+ * Please refer to the
+ * <a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java
+ * SASL Programming Guide</a> for information on how to use this API.
+ *
+ * @since 1.5
+ */
+package javax.security.sasl;
--- a/src/share/classes/javax/security/sasl/package.html	Mon Jan 23 17:53:32 2017 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,114 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
-<html>
-<head>
-<!--
-Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
-DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-
-This code is free software; you can redistribute it and/or modify it
-under the terms of the GNU General Public License version 2 only, as
-published by the Free Software Foundation.  Oracle designates this
-particular file as subject to the "Classpath" exception as provided
-by Oracle in the LICENSE file that accompanied this code.
-
-This code is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-version 2 for more details (a copy is included in the LICENSE file that
-accompanied this code).
-
-You should have received a copy of the GNU General Public License version
-2 along with this work; if not, write to the Free Software Foundation,
-Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-or visit www.oracle.com if you need additional information or have any
-questions.
--->
-</head>
-<body bgcolor="white">
-
-Contains class and interfaces for supporting SASL.
-
-This package defines classes and interfaces for SASL mechanisms.
-It is used by developers to add authentication support for 
-connection-based protocols that use SASL. 
-
-<h4>SASL Overview</h4>
-<p>
-
-Simple Authentication and Security Layer (SASL) specifies a
-challenge-response protocol in which data is exchanged between the
-client and the server for the purposes of
-authentication and (optional) establishment of a security layer on
-which to carry on subsequent communications.  It is used with
-connection-based protocols such as LDAPv3 or IMAPv4.  SASL is
-described in
-<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>.
-
-<p>
-There are various <em>mechanisms</em> defined for SASL.
-Each mechanism defines the data that must be exchanged between the
-client and server in order for the authentication to succeed.
-This data exchange required for a particular mechanism is referred to
-to as its <em>protocol profile</em>.
-The following are some examples of mechanims that have been defined by 
-the Internet standards community.
-<ul>
-<li>DIGEST-MD5 (<A HREF="http://www.ietf.org/rfc/rfc2831.txt">RFC 2831</a>).
-This mechanism defines how HTTP Digest Authentication can be used as a SASL
-mechanism.
-<li>Anonymous (<A HREF="http://www.ietf.org/rfc/rfc2245.txt">RFC 2245</a>).
-This mechamism is anonymous authentication in which no credentials are
-necessary.
-<li>External (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
-This mechanism obtains authentication information 
-from an external source (such as TLS or IPsec).
-<li>S/Key (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
-This mechanism uses the MD4 digest algorithm to exchange data based on
-a shared secret.
-<li>GSSAPI (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>).
-This mechanism uses the 
-<A HREF="http://www.ietf.org/rfc/rfc2078.txt">GSSAPI</A>
-for obtaining authentication information.
-</ul>
-
-<p>
-Some of these mechanisms provide both authentication and establishment
-of a security layer, others only authentication.  Anonymous and
-S/Key do not provide for any security layers.  GSSAPI and DIGEST-MD5
-allow negotiation of the security layer.  For External, the
-security layer is determined by the external protocol.
-
-<h4>Usage</h4>
-
-<p>
-Users of this API are typically developers who produce
-client library implementations for connection-based protocols,
-such as LDAPv3 and IMAPv4,
-and developers who write servers (such as LDAP servers and IMAP servers).
-Developers who write client libraries use the
-<tt>SaslClient</tt> and <tt>SaslClientFactory</tt> interfaces.
-Developers who write servers use the
-<tt>SaslServer</tt> and <tt>SaslServerFactory</tt> interfaces.
-<p>
-Among these two groups of users, each can be further divided into two groups:
-those who <em>produce</em> the SASL mechanisms and those 
-who <em>use</em> the SASL mechanisms.
-The producers of SASL mechanisms need to provide implementations
-for these interfaces, while users of the SASL mechanisms use 
-the APIs in this package to access those implementations.
-
-<h2>Related Documentation</h2>
-
-Please refer to the 
-<a href="../../../../technotes/guides/security/sasl/sasl-refguide.html">Java 
-SASL Programming Guide</a> for information on how to use this API.
-
-
-@since 1.5
-
-
-</body>
-</html>
-