[
https://issues.apache.org/jira/browse/HADOOP-19212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18016424#comment-18016424
]
ASF GitHub Bot commented on HADOOP-19212:
-----------------------------------------
pan3793 commented on PR #7897:
URL: https://github.com/apache/hadoop/pull/7897#issuecomment-3226696282
@stoty
> The question whether we want to fully support Java 18+ in 3.4.3.
My current goal is to make Hadoop "client" support Java 18+ in the next
3.4.x. version, fully Java 18+ support should target 3.5.
> the large patch for Subject propagation ...
I roughly understand what you are trying to fix, but I haven't seen real
failures caused by this, do you have a concrete example that is affected by the
lack of change? and is it must be fixed on Hadoop itself, and can not be
workarounded by downstream projects?
> - Merge just this patch, and release in 3.4.3 - This seems to be enough
for at least the Spark tests to pass
I won't block 3.4.2 release if it's already in good shape, I prefer this
option.
> [JDK23] org.apache.hadoop.security.UserGroupInformation use of Subject needs
> to move to replacement APIs
> --------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-19212
> URL: https://issues.apache.org/jira/browse/HADOOP-19212
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Affects Versions: 3.5.0
> Reporter: Alan Bateman
> Priority: Major
> Labels: pull-request-available
>
> `javax.security.auth.Subject.getSubject` and `Subject.doAs` were deprecated
> for removal in JDK 17. The replacement APIs are `Subject.current` and
> `callAs`. See [JEP 411]([https://openjdk.org/jeps/411]) for background.
> The `Subject.getSubject` API has been "degraded" in JDK 23 to throw
> `UnsupportedOperationException` if not running with the option to allow a
> SecurityManager. In a future JDK release, the `Subject.getSubject` API will
> be degraded further to throw`UnsupportedOperationException` unconditionally.
> [renaissance/issues/439]([https://github.com/renaissance-benchmarks/renaissance/issues/439])
> is a failure with a Spark benchmark due to the code in
> `org.apache.hadoop.security.UserGroupInformation` using the deprecated
> `Subject.getSubject` method. The maintainers of this code need to migrate
> this code to the replacement APIs to ensure that this code will continue to
> work once the security manager feature is removed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
