[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jakarta.ee-community] removal of java.security.Identity in JDK 12
|
I’m not concerned about this from a Jakarta EE perspective because as you say this can be fixed in a new release. However I am concerned about what this means for application servers that have already shipped. I would still expect to want to support the use of Java EE 6, 7 & 8 function post the end of support date of Java 11. I would hope that leeway would be provided via the EE CTS requirements for when this happens.
> On Oct 31, 2018, at 1:31 PM, Bill Shannon <bill.shannon@xxxxxxxxxx> wrote:
>
> The java.security.Identity class has been deprecated since J2SE 1.2.
> The EJBContext class uses java.security.Identity in the getCallerIdentity
> method, which has been deprecated almost as long, and is replaced by
> the getCallerPrincipal method.
>
> The JDK team proposes removing the java.security.Identity class in JDK 12.
> A consequence of this is that it would *not be possible* for any
> *Java EE compatible product* to *support JDK 12 or later*.
>
> (Note that this is not a *technical* issue, but rather a violation of
> the Java EE compatibility requirements and the CTS.)
>
> Presumably the EJBContext class would be updated for Jakarta EE 9 to
> remove the getCallerIdentity method, thus solving this problem for
> products that support Jakarta EE 9 or later.
>
> If this is a concern for you, please send feedback to
> security-dev@xxxxxxxxxxxxxxxx, or contact sean.mullan@xxxxxxxxxx
> directly.
>
> Thank you.
> _______________________________________________
> jakarta.ee-community mailing list
> jakarta.ee-community@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
> https://www.eclipse.org/mailman/listinfo/jakarta.ee-community
