RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool
Weijun Wang
weijun.wang at oracle.com
Thu Jan 19 02:45:25 UTC 2017
One more:
https://bugs.openjdk.java.net/browse/JDK-8173018
(https://bugs.openjdk.java.net/browse/JDK-8076535)
Deprecate the com.sun.jarsigner package
The `com.sun.jarsigner` package is being deprecated. This includes
the `ContentSigner` class, the `ContentSignerParameters` interface, and
the jarsigner command's "-altsigner" and "-altsignerpath" options.
Thanks
Max
On 01/19/2017 10:40 AM, Weijun Wang wrote:
> Hi All
>
> Please review the following release notes. For each one, I've listed the
> JBS URL for the release-note task, the original bug (in parentheses),
> the synopsis, and the intended release note text:
>
> https://bugs.openjdk.java.net/browse/JDK-8173011
> (https://bugs.openjdk.java.net/browse/JDK-8029995)
> accept yes/no for boolean krb5.conf settings
>
> krb5.conf now accepts "yes" or "no" for boolean-valued settings.
>
> https://bugs.openjdk.java.net/browse/JDK-8173012
> (https://bugs.openjdk.java.net/browse/JDK-8044085)
> Access ExtendedGSSContext.inquireSecContext() result through SASL
>
> The output of `ExtendedGSSContext.inquireSecContext()` is now
> available as negotiated properties for the SASL GSSAPI mechanism using
> the name "com.sun.security.jgss.inquiretype.<type_name>", where
> "type_name" is the string form of the `InquireType` enum parameter in
> lower case, for example,
> "com.sun.security.jgss.inquiretype.krb5_get_session_key_ex" for the
> session key of an established Kerberos 5 security context.
>
> https://bugs.openjdk.java.net/browse/JDK-8173014
> (https://bugs.openjdk.java.net/browse/JDK-8047789)
> auth.login.LoginContext needs to be updated to work with modules
>
> After this change, besides including the necessary methods
> (`initialize`, `login`, `logout`, `commit`, `abort`), any login module
> must implement the `LoginModule` interface. Otherwise a `LoginException`
> will thrown when the login module is used.
>
> https://bugs.openjdk.java.net/browse/JDK-8173015
> (https://bugs.openjdk.java.net/browse/JDK-8056174)
> New APIs for jar signing
>
> A new `jdk.security.jarsigner.JarSigner` API is added to the
> `jdk.jartool` module which can be used to sign a jar file.
>
> https://bugs.openjdk.java.net/browse/JDK-8173016
> (https://bugs.openjdk.java.net/browse/JDK-8147400)
> Deprecate policytool
>
> The policytool is moved to the `jdk.policytool` and deprecated.
>
> https://bugs.openjdk.java.net/browse/JDK-8173017
> (https://bugs.openjdk.java.net/browse/JDK-8157848)
> Deprecate the javax.security.auth.Policy API with forRemoval=true
>
> The `javax.security.auth.Policy` class has been deprecated since JDK
> 1.4 and superseded/replaced by java.security.Policy. It is now marked
> `forRemoval=true` and will be removed in a future release.
>
> Thanks
> Max
More information about the security-dev
mailing list