RFR: 8348967: Deprecate security permission classes for removal
robert engels
duke at openjdk.org
Fri Apr 4 15:02:23 UTC 2025
On Fri, 4 Apr 2025 12:42:36 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Please review this change to terminally deprecate the following security related permission classes: `java.security.AllPermission`, `java.security.UnresolvedPermission`, `javax.net.ssl.SSLPermission`, `javax.security.auth.AuthPermission`, `javax.security.auth.PrivateCredentialPermission`, `javax.security.auth.kerberos.DelegationPermission`, `javax.security.auth.kerberos.ServicePermission`, `com.sun.security.jgss.InquireSecContextPermission`. These classes were only useful in conjunction with the Security Manager, which is no longer supported.
>
> The current API note in these classes was reused as the deprecation text.
>
> Release Note: https://bugs.openjdk.org/browse/JDK-8353680
Sad day when the Java backwards compatibility promise is thrown out the window because a bunch of developers need work to do. Removing these classes does nothing towards the reduced api surface the goal of removing the SM had. I suspect these classes haven’t changed in 20 years.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/24445#issuecomment-2778984443
More information about the net-dev
mailing list