Thanks Ismail, I've opened https://github.com/apache/kafka/pull/19221 just to get any test failures out of the way in case it is decided to do this backport.
I'm hoping people will weigh in with their concerns in this thread if they don't like the idea of backporting this change. Den man. 17. mar. 2025 kl. 16.43 skrev Ismael Juma <m...@ismaeljuma.com>: > Hi Stig, > > Kafka 4.0 is likely to be released in a day or two. Even so, I think it > makes sense to revive the backporting thread given the lack of workaround > for Java 24. > > Ismael > > On Mon, Mar 17, 2025 at 7:44 AM Stig Rohde Døssing <stigdoess...@gmail.com > > > wrote: > > > Hi, > > > > Some months ago, a reflective shim was added in > > https://issues.apache.org/jira/browse/KAFKA-17078, in order to support > > running Kafka with SASL on JDKs that no longer support the security > > manager. > > > > This shim was added only to Kafka 4.0, but backporting was discussed in > > https://lists.apache.org/thread/vl43q9wqq4xs67xx61f0t0850y2b037o. There > > was > > no clear consensus for or against backporting, but it ended up not > > happening. At the time, users could work around the issue by enabling the > > Security Manager again via a command-line flag. > > > > Java 24, which is planned to release tomorrow, no longer has this > > workaround available. > > > > This leaves users running Java 23 (I am one) in a slightly uncomfortable > > spot. > > > > If Kafka releases 4.0 in the next month, we can rush to upgrade to that, > > and hope that the first release has no regressions. > > > > Otherwise, we will need to downgrade back to Java 21, since staying on 23 > > isn't a good idea past Oracle's quarterly security update in April (see > > https://www.oracle.com/security-alerts/), which will include patches > that > > won't be released for Java 23. > > > > Would there be strong objections to attempting a backport of this shim > to a > > 3.9.x release? > > >
