Disabling Legacy Security Realms
by Darran Lofthouse
In preparation for the eventual removal of the legacy security realms I
would like to first reach an intermediate state where their use can be
disabled.
Disabling the use of a subsystem is fairly easy, if we omit the jars
containing the extension and don't register the extension then the
subsystem is unavailable. The legacy security realms are a little
different as they are a part of core.
I think there are two situations I would like to disable them:
- Provisioned configurations where they are disabled.
- Certain environments e.g. Java 17
For the former I can easily do something like ServiceLoader discovery or
Class.forName to detect if required classes have been provisioned or not,
for the latter I can check the Java version at runtime,
I would propose that in the disabled cases the resources are just not
registered in the management model at all. These are not a
transformed resource so nothing special to consider there. For the XML
parsing if the legacy security realms are found in the configuration I
would then log an error to indicate they have been disabled and abort the
boot process.
Technically it feels achievable, the only piece really that is not accurate
is the XML schema for management would still show these as valid elements.
Alternatively I could log a warning and ignore these elements but that
feels like it may cause more issues as users would be expecting them to be
handled and any future writes to the configuration would drop them anyway.
Regards,
Darran Lofthouse.
2 years, 12 months
JDK 17 Early Access build 18 is available
by Rory O'Donnell
*Hi David & Richard, *
*OpenJDK 17 Early Access build 18****is now available at
**https://jdk.java.net/17 <https://jdk.java.net/17>*
* These early-access , open-source builds are provided under the
o GNU General Public License, version 2, with the Classpath
Exception <https://openjdk.java.net/legal/gplv2+ce.html>
* Release Notes are available at http://jdk.java.net/17/release-notes
<https://jdk.java.net/17/release-notes>
**G1 pauses may be extremely long with EA build JDK-17+18*
*During performance testing we noticed that due to a recent change
(JDK-8262068) GC pauses after a G1 full GC may be extremely slow. The
problem has been fixed with JDK-8264987 and that has already been
integrated. This change will be available with the following EA build
JDK-17+19. For more technical info please see [1]
*JEP 382 [2]** - Starting with build 19, **JDK 17 for macOS is
*temporarily* switched from using OpenGL**to using Apple's Metal
API**for Java 2D rendering.*
Heads up to anyone who is testing JDK 17 for running apps on macOS.
Starting with build 19, JDK 17 for macOS is *temporarily* switched from
using OpenGL to using Apple's Metal API for Java 2D rendering.
If you are running any kind of 2D / Swing/ AWT UI application on macOS,
and see any rendering related problems
starting with JDK 17 b19, please do report them to us along with a test
case and screen shots.
You may also set "-Dsun.java2d.opengl=true" to re-enable OpenGL - which
implicitly disables Metal - to confirm that it is a Metal related
rendering glltch.
Rgds,Rory
[1]
https://mail.openjdk.java.net/pipermail/hotspot-gc-dev/2021-April/034745....
[2] https://openjdk.java.net/jeps/382
--
Rgds, Rory O'Donnell
Quality Engineering Manager
Oracle EMEA, Dublin, Ireland
2 years, 12 months
how to choose best marketing company for grow business
by Radical geeks
Best IT Business consultant and Digital marketing company in Delhi. Founded in 2010, Radical-Geeks is a provider of web and software development, product design, mobile app & CRM development consultancy services. Headquartered in New Delhi, India, Radical-Geeks has completed more than 2100 projects. their services primarily midmarket and small business companies in the healthcare, IT, and transportation industries.
https://www.radical-geeks.com/
3 years
Fwd: New candidate JEP: 411: Deprecate the Security Manager for Removal
by Richard Opalka
FYI
---------- Forwarded message ---------
From: <mark.reinhold(a)oracle.com>
Date: Thu, Apr 15, 2021 at 8:06 PM
Subject: New candidate JEP: 411: Deprecate the Security Manager for Removal
To: <sean.mullan(a)oracle.com>
Cc: <security-dev(a)openjdk.java.net>, <jdk-dev(a)openjdk.java.net>
https://openjdk.java.net/jeps/411
Summary: Deprecate the Security Manager for removal in a future
release. The Security Manager dates from Java 1.0. It has not been the
primary means of securing client-side Java code for many years, and it
has rarely been used to secure server-side code. To move Java forward,
we intend to deprecate the Security Manager for removal in concert with
the legacy Applet API (JEP 398).
- Mark
--
Richard Opalka
Principal Software Engineer
Red Hat JBoss Middleware
Mobile: +420 731 186 942
E-mail: ropalka(a)redhat.com
3 years
Fwd: [jakartaee-platform-dev] Stand-alone TCK promotion progress update
by Brian Stansberry
I'm forwarding this on to this list as an FYI for anyone here who's
involved with these spec projects.
---------- Forwarded message ---------
From: Ed Bratt <ed.bratt(a)oracle.com>
Date: Thu, Apr 15, 2021 at 11:57 AM
Subject: [jakartaee-platform-dev] Stand-alone TCK promotion progress update
To: jakartaee-tck developer discussions <jakartaee-tck-dev(a)eclipse.org>
Cc: jakartaee-platform developer discussions <
jakartaee-platform-dev(a)eclipse.org>
Hi there,
This is a progress report on the "stand-alone" TCKs that are produced by
the Jakarta EE TCK project.
We are still working to get Spec. team feedback on the stand-alone TCKs so
that we can move them to "promoted" status. We have received responses and
are either prepared to promote, or working to address missing or incorrect
documentation on over half these TCKs. I propose that we promote all TCKs
listed below by Sunday this weekend unless there is some active blocker
identified by the component team.
Late last week, I notified all the leads and dev groups via e-mail for
these projects and we've received good response so far (direct to leads,
and cc-ed the -dev list). However, the deadline to have RC candidate TCKs
ready next week forces this into crunch priority. I have re-spammed all the
projects and leads with TCKs that are not yet ready to be promoted (the
first two lists below).
If you have contacts in any of the projects listed in the "with no
response" list, please reach out and encourage your colleagues to have a
look at the TCK documentation.
Specs with no response (Links are to the "review request" issue in Jakarta
EE TCK project):
1. Concurrency <https://github.com/eclipse-ee4j/jakartaee-tck/issues/683>
2. Connectors <https://github.com/eclipse-ee4j/jakartaee-tck/issues/684>
3. Authorization
<https://github.com/eclipse-ee4j/jakartaee-tck/issues/686>
4. Authentication
<https://github.com/eclipse-ee4j/jakartaee-tck/issues/687>
5. XML Web Services
<https://github.com/eclipse-ee4j/jakartaee-tck/issues/689>
6. Messaging <https://github.com/eclipse-ee4j/jakartaee-tck/issues/690>
7. Faces <https://github.com/eclipse-ee4j/jakartaee-tck/issues/693>
8. Security <https://github.com/eclipse-ee4j/jakartaee-tck/issues/697>
9. SOAP <https://github.com/eclipse-ee4j/jakartaee-tck/issues/699>
Specs. with work in progress:
1. Restful Web Services
<https://github.com/eclipse-ee4j/jakartaee-tck/issues/688>
2. Web Socket <https://github.com/eclipse-ee4j/jakartaee-tck/issues/701>
Specs. reviewed and ready to promote:
1. EL <https://github.com/eclipse-ee4j/jakartaee-tck/issues/685>
2. Pages <https://github.com/eclipse-ee4j/jakartaee-tck/issues/691>
3. Persistence <https://github.com/eclipse-ee4j/jakartaee-tck/issues/692>
4. JSON B <https://github.com/eclipse-ee4j/jakartaee-tck/issues/694>
5. JSON P <https://github.com/eclipse-ee4j/jakartaee-tck/issues/695>
6. Tags <https://github.com/eclipse-ee4j/jakartaee-tck/issues/696>
7. Servlet <https://github.com/eclipse-ee4j/jakartaee-tck/issues/698>
8. Transactions
<https://github.com/eclipse-ee4j/jakartaee-tck/issues/700>
9. Annotations <https://github.com/eclipse-ee4j/jakartaee-tck/issues/682>
For review, all the staged TCKs from Jakarta EE TCK project, for 9.1 can be
found in this download folder
<https://download.eclipse.org/ee4j/jakartaee-tck/jakartaee9-eftl/staged-910/>.
Once they are promoted the specific TCKs will be moved here
<https://download.eclipse.org/ee4j/jakartaee-tck/jakartaee9-eftl/promoted/>.
Thanks for your help,
-- Ed
_______________________________________________
jakartaee-platform-dev mailing list
jakartaee-platform-dev(a)eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jakartaee-platform-dev
--
Brian Stansberry
Principal Architect, Red Hat JBoss EAP
He/Him/His
If I am writing outside of normal office hours, it is my choice; you do not
need to do the same
3 years
STUDY IN INDIA AND ABROAD - Your Way To Success
by Future Education
Future Education is an education consultancy and the best education service, provider. it founded in 2010. they have a very expert team. it has been working for last 10 yrs in education industires. they guide as a personal adviser and solving problems in education-related. like admission in top colleges, admission top courses, abroad study, etc. https://www.futeducation.com/
3 years
