[jira] [Commented] (HADOOP-19212) [JDK23] org.apache.hadoop.security.UserGroupInformation use of Subject needs to move to replacement APIs

Wed, 27 Aug 2025 20:22:59 -0700 


    [ 
https://issues.apache.org/jira/browse/HADOOP-19212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18016678#comment-18016678
 ] 

ASF GitHub Bot commented on HADOOP-19212:
-----------------------------------------

slfan1989 commented on PR #7886:
URL: https://github.com/apache/hadoop/pull/7886#issuecomment-3231666377

   > @slfan1989 @pan3793 Voting for RC3 is currently on-going, started last 
last thursday. We have 5 binding votes already so I think we should be able to 
successfully release 3.4.2 soon. If for any reason that doesn't happen, we can 
get this into 3.4.2
   
   @ahmarsuhail Sorry for the late reply. I’ve discussed with @pan3793 offline, 
and we plan to release this PR in the next version, as additional PRs may be 
needed to ensure greater stability. Thank you all for your contributions to the 
3.4.2 release!




> [JDK23] org.apache.hadoop.security.UserGroupInformation use of Subject needs 
> to move to replacement APIs
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-19212
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19212
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 3.5.0
>            Reporter: Alan Bateman
>            Priority: Major
>              Labels: pull-request-available
>
> `javax.security.auth.Subject.getSubject` and `Subject.doAs` were deprecated 
> for removal in JDK 17. The replacement APIs are `Subject.current` and 
> `callAs`. See [JEP 411]([https://openjdk.org/jeps/411]) for background.
> The `Subject.getSubject` API has been "degraded" in JDK 23 to throw 
> `UnsupportedOperationException` if not running with the option to allow a 
> SecurityManager. In a future JDK release, the `Subject.getSubject` API will 
> be degraded further to throw`UnsupportedOperationException` unconditionally.
> [renaissance/issues/439]([https://github.com/renaissance-benchmarks/renaissance/issues/439])
>  is a failure with a Spark benchmark due to the code in 
> `org.apache.hadoop.security.UserGroupInformation` using the deprecated 
> `Subject.getSubject` method. The maintainers of this code need to migrate 
> this code to the replacement APIs to ensure that this code will continue to 
> work once the security manager feature is removed.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to