-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design and implement replacement for Policy #99
Comments
See also jakartaee/platform#406 |
It does not seem likely we can address this issue for EE10. |
Very, very unfortunately indeed not, but it is what it is. This will have to be addressed in the next major version then. |
A typical pattern for using the boolean checkPermission(Permission permissionToBeChecked, Set<Principal> principals) {
return policy.implies(newProtectionDomain(principals), permissionToBeChecked);
} Where private ProtectionDomain newProtectionDomain(Set<Principal> principalSet) {
return new ProtectionDomain(
emptyCodeSource,
null,
null,
principalSet == null ? null : (Principal[]) principalSet.toArray(new Principal[0]));
} The new |
Signed-off-by: Arjan Tijms <arjan.tijms@omnifish.ee>
The
java.security.Policy
class is currently deprecated for removal as part of https://openjdk.java.net/jeps/411 that deprecates the entire security manager.Jakarta Authorization uses Policy as an entry into its authorization modules; meaning the container calls methods on Policy in order to interact with these. As
Policy
is going to be removed, this has a big impact on this API.The best course of action is likely to create a replacement class for
Policy
containing exactly the methods a container would normally call. These are essentially theimplies
method and the "getPermissions" method.The text was updated successfully, but these errors were encountered: