Comment: Reword Compatibility section for more clarity.

...

We can notify users of this removal with a log message and a notice in the Kafka documentation, and rely on the runtime's built-in deprecation warning log messages.

Remove compile-time usages & detect SecurityManager removal at runtime

...

Compatibility, Deprecation, and Migration Plan

The static utility will be backwards-compatible, allowing the use of either the legacy SecurityManager bindings or, if the legacy bindings are degraded or removed, the modern replacements.

Users upgrading to Java 17+ (in which SecurityManager was deprecated) will receive this warning message from the runtime, indicating they have a security manager dependency that will not be supported in the future. This will also serve as the runtime deprecation notice for Kafka.

WARNING: A command line option has enabled the Security Manager
WARNING: The Security Manager is deprecated and will be removed in a future release

WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by %s
WARNING: Please consider reporting this to the maintainers of %s
WARNING: System::setSecurityManager will be removed in a future release

Users upgrading to a version of Java or Kafka without SecurityManager support will need to disable their security manager implementations/configurations entirely. Once the java.security.manager property is not specified, some or all of the legacy methods may throw UnsupportedOperationException, which will cause the new implementations to be used instead.

Removing SecurityManager support is a breaking change and will happen in a major version. Users upgrading to Java 17+ (in which SecurityManager was deprecated) already receive a warning message on startup. Users upgrading to a version of Kafka without SecurityManager support will need to disable their security manager implementations/configurations entirely. This version will have no calls to the legacy methods at all, and will always use the new versions.
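
The fallback behavior described in this section, sketched as an added example (not code from the KIP or from Kafka): the legacy binding is resolved reflectively, and a missing class or method or an UnsupportedOperationException switches callers to running the action directly. The class name SecurityManagerCompat and the Supplier-based signature are assumptions made for illustration.

```java
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.PrivilegedAction;
import java.util.function.Supplier;

/** Hypothetical compatibility utility (illustrative name, not Kafka's class). */
public final class SecurityManagerCompat {
    // Looked up by name so this class has no compile-time reference to
    // AccessController. PrivilegedAction is assumed to remain available.
    private static volatile Method legacyDoPrivileged = lookupLegacy();

    private static Method lookupLegacy() {
        try {
            return Class.forName("java.security.AccessController")
                    .getMethod("doPrivileged", PrivilegedAction.class);
        } catch (ReflectiveOperationException e) {
            return null; // legacy binding removed from this runtime
        }
    }

    /** Runs the action via the legacy binding when usable, otherwise directly. */
    public static <T> T doPrivileged(Supplier<T> action) {
        Method legacy = legacyDoPrivileged;
        if (legacy != null) {
            try {
                PrivilegedAction<T> wrapped = action::get;
                @SuppressWarnings("unchecked")
                T result = (T) legacy.invoke(null, wrapped);
                return result;
            } catch (InvocationTargetException e) {
                Throwable cause = e.getCause();
                if (!(cause instanceof UnsupportedOperationException)) {
                    // Failure came from the action itself: propagate it unchanged.
                    if (cause instanceof RuntimeException) throw (RuntimeException) cause;
                    if (cause instanceof Error) throw (Error) cause;
                    throw new IllegalStateException(cause);
                }
                // Degraded binding (an action that throws this type looks the same).
                legacyDoPrivileged = null;
            } catch (IllegalAccessException e) {
                legacyDoPrivileged = null;
            }
        }
        return action.get(); // no SecurityManager: the process is the boundary
    }
    public static void main(String[] args) {
        System.out.println(doPrivileged(() -> System.getProperty("java.version")));
    }
}
```

Once the legacy path has been marked unusable it is not retried, so later calls go straight to the direct path.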

Test Plan

There are currently no tests exercising the SecurityManager interface in Kafka, and no new tests for the end-to-end behavior will be added for this project.

...

The SecurityManager is a flawed design, and we should not replicate it or try to solve those problems in a similar way. Instead we should encourage users to use the process boundary as a security boundary.