Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jakartaee-platform-dev] [External] : Reduce emphasis on security manager in EE 10?

On Tue, Aug 17, 2021, 4:46 PM Scott Marlow <smarlow@xxxxxxxxxx> wrote:

On 8/17/21 2:14 PM, Lukas Jungmann wrote:

On 7/29/21 3:51 PM, arjan tijms wrote:

The Jakarta Platform has a very strong emphasis on the security manager, especially when it comes to TCK testing. A lot (or everything?) is tested with the security manager enabled, and constituent specs and implementations have to comply with that.

As the security manager has been deprecated for removal in JDK 17, I wonder if we should not start taking the first steps in EE 10 to anticipate for this, even though EE 10 is not targeting JDK 17.

Perhaps we could start with making security manager enabled TCK runs optional?

It looks like this got buried here - have you had a chance to discuss this with Scott (cc'ed), ie through different channel, already?

I think that he tests that specifically require the security manager are under { ejb30/sec, connector, servlet, securityapi }. 

Do we know which JDK classes will definitely be removed along with the security manager?  The TCK doesn't have a good way to deal with missing security manager related classes. does mention the classes/methods to be removed.

I believe that our tck process document should be updated to allow a service release to address a new JDK release so that we could consider changing the EE 10 tcks if needed for JDK 18.

Another option could be separating use of security manager classes to be in optional tests.  This may be difficult to do without refactoring the involved tests to separate testing of security manager from testing of other technologies.

Another option could be to delay dealing with JDK 18+ changes until a later EE release.  


Kind regards,

jakartaee-platform-dev mailing list
To unsubscribe from this list, visit;!!ACWV5N9M2RV99hQ!dg74znjhBmn8jZ5FrmxPZx8H-Krvvh1j0v6o293w_B8kx04mdIcrnm8_s1IXoFlyrjw$


Back to the top