Quality Outreach Heads-up - JDK 21: JMX Subject Delegation & Fine-grained Security Deprecation

The OpenJDK Quality Group is promoting the testing of FOSS projects with OpenJDK builds as a way to improve the overall quality of the release. This heads-up is part of a regular communication sent to the projects involved. To learn more about the program, and how-to join, please check here.

JDK 21: JMX Subject Delegation & Fine-grained Security Deprecation

JMX has some features that rely on Security Manager APIs which are deprecated for removal (see JEP 411). These features are "Subject Delegation" and "Fine-grained Security", which both seem to be generally unused, and would require significant investment to implement without touching the deprecated APIs. As a consequence, "Subject Delegation" is being proposed for deprecation in JDK 21 via JDK-8298966.

Fine-grained Security is also being considered for deprecation at the same time. This feature has allowed configuration of a security policy to restrict or permit access to specific MBean actions. It is expected that this feature is generally unused, possibly because there is simply no demand for such detailed control, and that it is too complex to create and maintain the policies.