RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool

Weijun Wang weijun.wang at oracle.com
Thu Jan 19 14:20:49 UTC 2017


Another one:

https://bugs.openjdk.java.net/browse/JDK-8173035
(https://bugs.openjdk.java.net/browse/JDK-8029904)
Remove com.sun.security.auth.callback.DialogCallbackHandler

     `com.sun.security.auth.callback.DialogCallbackHandler` has been 
removed in JDK 9. This class, in the JDK-specific extensions to JAAS, 
was deprecated in JDK 8 and previously flagged for removal.

Thanks
Max

On 01/19/2017 10:45 AM, Weijun Wang wrote:
> One more:
>
> https://bugs.openjdk.java.net/browse/JDK-8173018
> (https://bugs.openjdk.java.net/browse/JDK-8076535)
> Deprecate the com.sun.jarsigner package
>
>     The `com.sun.jarsigner` package is being deprecated. This includes
> the `ContentSigner` class, the `ContentSignerParameters` interface, and
> the jarsigner command's "-altsigner" and "-altsignerpath" options.
>
> Thanks
> Max
>
> On 01/19/2017 10:40 AM, Weijun Wang wrote:
>> Hi All
>>
>> Please review the following release notes. For each one, I've listed the
>> JBS URL for the release-note task, the original bug (in parentheses),
>> the synopsis, and the intended release note text:
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173011
>> (https://bugs.openjdk.java.net/browse/JDK-8029995)
>> accept yes/no for boolean krb5.conf settings
>>
>>    krb5.conf now accepts "yes" or "no" for boolean-valued settings.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173012
>> (https://bugs.openjdk.java.net/browse/JDK-8044085)
>> Access ExtendedGSSContext.inquireSecContext() result through SASL
>>
>>    The output of `ExtendedGSSContext.inquireSecContext()` is now
>> available as negotiated properties for the SASL GSSAPI mechanism using
>> the name "com.sun.security.jgss.inquiretype.<type_name>", where
>> "type_name" is the string form of the `InquireType` enum parameter in
>> lower case, for example,
>> "com.sun.security.jgss.inquiretype.krb5_get_session_key_ex" for the
>> session key of an established Kerberos 5 security context.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173014
>> (https://bugs.openjdk.java.net/browse/JDK-8047789)
>> auth.login.LoginContext needs to be updated to work with modules
>>
>>    After this change, besides including the necessary methods
>> (`initialize`, `login`, `logout`, `commit`, `abort`), any login module
>> must implement the `LoginModule` interface. Otherwise a `LoginException`
>> will thrown when the login module is used.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173015
>> (https://bugs.openjdk.java.net/browse/JDK-8056174)
>> New APIs for jar signing
>>
>>    A new `jdk.security.jarsigner.JarSigner` API is added to the
>> `jdk.jartool` module which can be used to sign a jar file.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173016
>> (https://bugs.openjdk.java.net/browse/JDK-8147400)
>> Deprecate policytool
>>
>>    The policytool is moved to the `jdk.policytool` and deprecated.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8173017
>> (https://bugs.openjdk.java.net/browse/JDK-8157848)
>> Deprecate the javax.security.auth.Policy API with forRemoval=true
>>
>>    The `javax.security.auth.Policy` class has been deprecated since JDK
>> 1.4 and superseded/replaced by java.security.Policy. It is now marked
>> `forRemoval=true` and will be removed in a future release.
>>
>> Thanks
>> Max


More information about the security-dev mailing list