Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jakartaee-platform-dev] Reduce emphasis on security manager in EE 10?

Just a clarification, the security manager is being deprecated in 17 for removal in a later version. The current JEP says it will start to be degraded in 18:

I think we are fine with making security tests optional, but then the issue of reporting the status of optional tests in TCK runs comes up. We had the discussion of making the status of optionality results manifest in compatibility requests, but our position was that this should be handled by the TCK reporting.

On Jul 29, 2021 at 8:51:46 AM, arjan tijms <arjan.tijms@xxxxxxxxx> wrote:

The Jakarta Platform has a very strong emphasis on the security manager, especially when it comes to TCK testing. A lot (or everything?) is tested with the security manager enabled, and constituent specs and implementations have to comply with that.

As the security manager has been deprecated for removal in JDK 17, I wonder if we should not start taking the first steps in EE 10 to anticipate for this, even though EE 10 is not targeting JDK 17.

Perhaps we could start with making security manager enabled TCK runs optional?

Kind regards,
jakartaee-platform-dev mailing list
To unsubscribe from this list, visit

Back to the top