Eirik,
First, thanks for volunteering to help out. Unfortunately though, this
is a tricky issue that is best left as is for now.
On 4/10/23 3:46 PM, Eirik Bjørsnøs wrote:
The issue with java.security.Identity is/was the usage in Java EE, more
specifically the EJB spec and the concern that there are app servers
that want to support Java EE releases and run on newer JDK releases at
the same time. So this one has been stuck for a long time.
Jakarta EE 9 was updated to remove EJBContext methods which depended on
java.security.Identity.
Correct.
Is the remaining concern about Java EE 8 implementations running Java 21
and newer?
Yes.
Given that removing these APIs would cause TCK issues in these cases, I
have been reticent to remove the APIs. At this point, I view this to be
in a holding pattern until we have a very strong confidence that it
won't break EE implementations.
The Java 17 LTS seems to be supported until 2029?
Are our hands tied or would it be possible to move forward on this?
I wouldn't necessarily say our hands are tied, but more that we need to
wait longer.
This is a small enough set of APIs that I don't feel this is a huge
burden to keep around a few more releases. All dependencies on these
APIs in the JDK have been removed.
I shall update the issue with some more of these details.
--Sean
