RFR: 8333344: JMX attaching of Subject does not work when security manager not allowed [v18]
Alan Bateman
alanb at openjdk.org
Tue Jun 18 11:08:11 UTC 2024
On Mon, 17 Jun 2024 20:51:34 GMT, Kevin Walls <kevinw at openjdk.org> wrote:
>> JMX uses APIs related to the Security Mananger which are deprecated. Use of AccessControlContext will be removed when Security Manager is removed.
>>
>> Until then, updates are needed to not require setting -Djava.security.manager=allow to use JMX authentication.
>
> Kevin Walls has updated the pull request incrementally with one additional commit since the last revision:
>
> braces
I skimmed through the changes, much more readable now compared to some of the initial revisions. I kinda agree with one of the comments from a few days ago that if (allow) { .. } else { ..} is easier to read than putting the disallow case first. It's not a big deal as this code will be changed very soon to remove the SM path.
As regards testing then I think the highest priority should be to default/no-SM case. We need to be confident that there are no regressions in JMX for this execution mode. We don't have of course want to regression for the SM case but that is a niche execution mode and not long for this world.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/19624#issuecomment-2175831168
More information about the serviceability-dev
mailing list