Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecate all SecurityManager usages in API/Spec in light of JEP-411 and Java 17 #138

Closed
joakime opened this issue Jan 27, 2022 · 3 comments · Fixed by #141
Closed

Deprecate all SecurityManager usages in API/Spec in light of JEP-411 and Java 17 #138

joakime opened this issue Jan 27, 2022 · 3 comments · Fixed by #141
Labels
3.0
Milestone
3.0.0

Comments

@joakime
Copy link

joakime commented Jan 27, 2022

JEP-411 - https://openjdk.java.net/jeps/411

The Java SecurityManager is dead, it is not supported in Java 17, and will be removed in the next Java release.

Jakarta Authentication should remove the related SecurityManager usages and requirements.

Example: jakarta.security.auth.message.config.AuthConfigFactory.checkPermission(Permission) should be removed.

https://github.com/jakartaee/authentication/blob/master/api/src/main/java/jakarta/security/auth/message/config/AuthConfigFactory.java#L157
@joakime joakime changed the title Remove all SecurityManager usages in API/Spec in light of JEP-411 Remove all SecurityManager usages in API/Spec in light of JEP-411 and Java 17 Jan 27, 2022
@joakime joakime mentioned this issue Jan 27, 2022
Closed
@darranl
Copy link
Contributor

darranl commented Jan 27, 2022

FYI the following was created at the platform level regarding deprecation and subsequent removal:
jakartaee/platform#406

@joakime
Copy link
Author

joakime commented Jan 27, 2022

Interesting, shame there's not much meat on that platform level issue.

@arjantijms
Copy link
Contributor

@joakime @darranl I'll deprecate the public static permissions that are used to protect the
static getFactory and setFactory methods. We can remove the method you indicated as well as those permissions in a next version, perhaps even in a .1 maintenance update between EE 10 and EE 11.

@arjantijms arjantijms changed the title Remove all SecurityManager usages in API/Spec in light of JEP-411 and Java 17 Deprecate all SecurityManager usages in API/Spec in light of JEP-411 and Java 17 Feb 21, 2022
@arjantijms arjantijms added this to the 3.0.0 milestone Feb 21, 2022
@arjantijms arjantijms added the 3.0 label Feb 21, 2022
arjantijms added a commit to arjantijms/authentication that referenced this issue Feb 21, 2022
@arjantijms
jakartaee#138 Deprecate SecurityManager usage in light of JDK 17/JEP 411
78eb235 
Signed-off-by: Arjan Tijms <[email protected]>
This was referenced Feb 21, 2022
Merged
Closed
arjantijms added a commit that referenced this issue Feb 21, 2022
@arjantijms
Merge pull request #141 from arjantijms/138_deprecate_securitymanager
de5eb97 
#138 Deprecate SecurityManager usage in light of JDK 17/JEP 411
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3.0
Projects
None yet
Milestone
3.0.0
Development

Successfully merging a pull request may close this issue.

#138 Deprecate SecurityManager usage in light of JDK 17/JEP 411 arjantijms/authentication
3 participants
@joakime @darranl @arjantijms