Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jakartaee-platform-dev] [External] : Reduce emphasis on security manager in EE 10?

On 8/17/21 2:14 PM, Lukas Jungmann wrote:

On 7/29/21 3:51 PM, arjan tijms wrote:

The Jakarta Platform has a very strong emphasis on the security manager, especially when it comes to TCK testing. A lot (or everything?) is tested with the security manager enabled, and constituent specs and implementations have to comply with that.

As the security manager has been deprecated for removal in JDK 17, I wonder if we should not start taking the first steps in EE 10 to anticipate for this, even though EE 10 is not targeting JDK 17.

Perhaps we could start with making security manager enabled TCK runs optional?

It looks like this got buried here - have you had a chance to discuss this with Scott (cc'ed), ie through different channel, already?

I think that he tests that specifically require the security manager are under { ejb30/sec, connector, servlet, securityapi }. 

Do we know which JDK classes will definitely be removed along with the security manager?  The TCK doesn't have a good way to deal with missing security manager related classes.


Kind regards,

jakartaee-platform-dev mailing list
To unsubscribe from this list, visit;!!ACWV5N9M2RV99hQ!dg74znjhBmn8jZ5FrmxPZx8H-Krvvh1j0v6o293w_B8kx04mdIcrnm8_s1IXoFlyrjw$


Back to the top