EE 10 is targetting JDK 11 and 17, so I am afraid I don't see how crashing users that aren't even on 18 sends the right signal?
Or are you telling me GlassFish will forbid usage of SM even as it releases EE 10 compatible version?

Once JDK 18+ gets supported, I suppose we'll have to use an MR JAR (or maybe there is a better solution, haven't thought about it much) but until then, we are bound to support it somehow :-/


On Wed, Feb 23, 2022 at 5:14 PM arjan tijms <> wrote:

On Wed, Feb 23, 2022 at 4:19 PM Matej Novotny <> wrote:
I do know that SM should be removed in the future, but we're no there yet. But maybe I am missing something. 

That future is getting closer and closer, since JDK 18 is about to be released which throws exceptions when the securitymanager is set. To that end, adding security actions where we maybe should be removing them instead, seems to send the wrong signal.

Kind regards,
cdi-dev mailing list
To unsubscribe from this list, visit