[
https://issues.apache.org/jira/browse/KUDU-3630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17901748#comment-17901748
]
Mateusz Gajewski commented on KUDU-3630:
----------------------------------------
We are using kudu with JDK 23 and it works (if you add
-Djava.security.manager=allow). For JDK 24 this will never work without code
changes. The reflection-based approach allows to use new API without requiring
newer Java version (we use it in our client which is JDK 8 but for JDK 22+ it's
using FFM)
> Kudu uses deprecated SecurityManager features
> ---------------------------------------------
>
> Key: KUDU-3630
> URL: https://issues.apache.org/jira/browse/KUDU-3630
> Project: Kudu
> Issue Type: Improvement
> Components: client, java
> Reporter: Mateusz Gajewski
> Priority: Major
> Labels: client, java, jdk
>
> JDK 18 deprecated Subject.doAs in favour of a new method Subject.callAs. JDK
> 23 requires -Djava.security.manager=allow to use Kudu client, while JDK 24
> removes the Security Manager altogether which makes Kudu client impossible to
> use.
> Kudu client uses deprecated APIs in places like:
> https://github.com/apache/kudu/blob/da6211df5f8df0c53ceedd542b61634f3bab7205/java/kudu-client/src/main/java/org/apache/kudu/client/Negotiator.java#L955
> This can be solved using reflective access as done by other projects, like
> Kafka's shim: https://github.com/apache/kafka/pull/16522
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
