RFR: 8349546: Linux support for Kerberos "nativeccache" functionality [v13]
Erik Joelsson
erikj at openjdk.org
Wed Nov 26 14:12:13 UTC 2025
On Wed, 26 Nov 2025 09:33:26 GMT, Nick Hall <duke at openjdk.org> wrote:
> > After some offline discussion, I'm now OK with making this an optional feature at build time.
>
> I think the only downside of this is that distributions might not build it in - meaning that people who want this would have to resort to compiling their own JVM (which some corporates, where this is most likely to be useful, might not allow - e.g. those that get their Java from RH/Canonical etc under a support agreement) or lobby their upstream provider, which isn't always particularly fruitful...
If you want to drive adoption, or even think about making this mandatory at build time, then at the very least you need to make sure the devkits produced by the makefiles under `make/devkit/...` contain the necessary build time dependencies and generally work with this feature. At least at Oracle we rely on these for our builds and my impression is that at least some other vendors do too.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/28075#issuecomment-3581491313
More information about the security-dev
mailing list