Hi Mickael, Thanks for the pointer to that JDK ticket, I did not realize that the legacy APIs were going to be degraded instead of removed.
I have updated the KIP to accommodate for this change in the JDK implementation. In addition to detecting the removal of the method/classes, it will also fall back to the new implementations when encountering an UnsupportedOperationException. Since this will be a blocker for supporting JDK 23, I'll open a vote thread for this next week if I don't get any more comments here. Thanks, Greg On Wed, Apr 10, 2024 at 10:42 AM Mickael Maison <mickael.mai...@gmail.com> wrote: > Hi, > > It looks like some of the SecurityManager APIs are starting to be > removed in JDK 23, see > - https://bugs.openjdk.org/browse/JDK-8296244 > - https://github.com/quarkusio/quarkus/issues/39634 > > JDK 23 is currently planned for September 2024. > Considering the timelines and that we only drop support for Java > versions in major Kafka releases, I think the proposed approach of > detecting the APIs to use makes sense. > > Thanks, > Mickael > > On Tue, Nov 21, 2023 at 8:38 AM Greg Harris > <greg.har...@aiven.io.invalid> wrote: > > > > Hey Ashwin, > > > > Thanks for your question! > > > > I believe we have only removed support for two Java versions: > > 7: > https://cwiki.apache.org/confluence/display/KAFKA/KIP-118%3A+Drop+Support+for+Java+7 > > in 2.0 > > 8: > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=181308223 > > in 4.0 > > > > In both cases, we changed the gradle sourceCompatibility and > > targetCompatibility at the same time, which I believe changes the > > "-target" option in javac. > > > > We have no plans currently for dropping support for 11 or 17, but I > > presume they would work in much the same way. > > > > Hope this helps! > > Greg > > > > On Mon, Nov 20, 2023 at 11:19 PM Ashwin <apan...@confluent.io.invalid> > wrote: > > > > > > Hi Greg, > > > > > > Thanks for writing this KIP. > > > I agree with you that handling this now will help us react to the > > > deprecation of SecurityManager, whenever it happens. > > > > > > I had a question regarding how we deprecate JDKs supported by Apache > Kafka. > > > When we drop support for JDK 17, will we set the “-target” option of > Javac > > > such that the resulting JARs will not load in JVMs which are lesser > than or > > > equal to that version ? > > > > > > Thanks, > > > Ashwin > > > > > > > > > On Tue, Nov 21, 2023 at 6:18 AM Greg Harris > <greg.har...@aiven.io.invalid> > > > wrote: > > > > > > > Hi all, > > > > > > > > I'd like to invite you all to discuss removing SecurityManager > support > > > > from Kafka. This affects the client and server SASL mechanism, Tiered > > > > Storage, and Connect classloading. > > > > > > > > Find the KIP here: > > > > > > > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1006%3A+Remove+SecurityManager+Support > > > > > > > > I think this is a "code higiene" effort that doesn't need to be dealt > > > > with urgently, but it would prevent a lot of headache later when Java > > > > does decide to remove support. > > > > > > > > If you are currently using the SecurityManager with Kafka, I'd really > > > > appreciate hearing how you're using it, and how you're planning > around > > > > its removal. > > > > > > > > Thanks! > > > > Greg Harris > > > > >
