Updates to JEP 411: Deprecate the Security Manager for Removal

Sean Mullan sean.mullan at oracle.com
Wed May 19 13:48:35 UTC 2021

Thanks for those that have taken the time to review JEP 411 [1]. The JEP 
has been updated today with a few changes, the most significant which is 
the addition of a new section titled "Future Work" [2] which lists 
related potential enhancements and works in progress.

Other smaller changes have been made throughout the JEP, including:

  - The "Alternate JAAS APIs" section has been removed and replaced with 
a smaller section in the Description section with a pointer to a JBS 
issue with more details.

  - Changes have been made to the Motivation section to improve some of 
the wording and add more details.

  - A new item named "Preserve the Security Manager API for extension by 
custom Security Managers that wish to intercept, log, and veto access to 
resources" has been added to the Alternatives section, as this has been 
a topic of discussion since the JEP has been published.

  - RMISecurityException has been removed from the list of APIs to be 
deprecated for removal, and 
privilegedCallableUsingCurrentClassLoader, privilegedThreadFactory} have 
been added.


[1] https://openjdk.java.net/jeps/411
[2] https://openjdk.java.net/jeps/411#Future-Work

More information about the jdk-dev mailing list