-
Notifications
You must be signed in to change notification settings - Fork 664
Lift minimum JDK version to 21 and remove SecurityManager#2214
Lift minimum JDK version to 21 and remove SecurityManager #2214holgerfriedrich wants to merge 3 commits intoapache:main from
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's require change on the karaf-maven-plugin and dependencies. I will create another PR (as planned) to tackle that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would rather remove the test (to avoid confusion) or refactor it instead of ignoring it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, if I just remove the SecurityManager assertion, the test completes.
I am not sure if I get completely what this test was intended for (it checks that all bundles come up after applying a specific config - but how this was related to SecurityManager, I still don't get).
I pushed the change to ignore that no SecurityManager is there.
holgerfriedrich
commented
Jan 9, 2026
@jbonofre is there anying else open I should address?
jbonofre
commented
Jan 9, 2026
@holgerfriedrich I think this PR is pretty good, it just needs dependent PRs. I will tackle that.
* Lift minimum JDK version to 21 * Remove occurrences of SecurityManager, as getSecurityManager returns null since JDK 18 * Disable JavaSecurityTest, apache#2082 * Enable verbose deprecation warnings Signed-off-by: Holger Friedrich <mail@holger-friedrich.de>
getSubject can no longer be activated via JRE command line as SecurityManager has been removed in JDK 25. A replacement is available since Java 21. doAs was deprecated and is replaced by callAll. Signed-off-by: Holger Friedrich <mail@holger-friedrich.de>
Signed-off-by: Holger Friedrich <mail@holger-friedrich.de>
023bbe9 to
8ed17ca
Compare
jbonofre
commented
Feb 10, 2026
@holgerfriedrich do you mind to share your email address with me ? I just realize that you didn't subscribe on the dev mailing list, and you are not on The ASF slack Karaf channel. Thanks !
Uh oh!
There was an error while loading. Please reload this page.
This is a first step to prepare the 4.5 branch for running with Java 25.
Starting Karaf in Java 25 does not yet work, as a few functions related to the SecurityManager have been deprecated long time ago and cannot be activated any longer via command line switches.
As a new API has been added in Java 18, I for new lift the minimum required version to Java 21 (LTS).
Maybe this is not the way to go - as there has been some discussions if we could introduce an abstraction layer to allow Java 17 as well.
null since JDK 18
(削除) Disable JavaSecurityTest, Rework JavaSecurityTest #2082 (削除ここまで)** getSubject can no longer be activated via JRE command line as
SecurityManager has been removed in JDK 25.
A replacement is available since Java 21.
** doAs was deprecated and is replaced by callAll.
For Java 25, another set of modifications is still needed and will be submitted as another PR.
Locally, I got Karaf compiling, passing the tests, and starting with Java 25. 🥳