[
https://issues.apache.org/jira/browse/ARTEMIS-4975?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18031463#comment-18031463
]
Robbie Gemmell edited comment on ARTEMIS-4975 at 10/29/25 9:36 AM:
-------------------------------------------------------------------
I have raised ARTEMIS-5711 and
[https://github.com/apache/activemq-artemis/pull/5993] to address the
SecurityManager compatibility issues and support building/testing/running on
newer JDKs such as Java 24 / 25 and help ease issues with those beyond that.
I decided not to further complicate the build to special case Java 23, since
its behaviour differs from any JDK before or after, and at this stage usage
should be moving to the newer versions such as 25. So for Java 23 only you
would still need to use one of the workarounds:
Set -Djava.security.manager=allow (e.g adding via the available options env
variables, or even just adding it to the artemis.profile file).
Or, if not using affected management bits (e.g embedded usages), just disabling
the audit logging logger that gates the main use of Subject.subject() that
causes failures when the above flag is not set.
https://issues.apache.org/jira/browse/ARTEMIS-4975?focusedCommentId=18029983&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-18029983
was (Author: gemmellr):
I have raised ARTEMIS-5711 and
[https://github.com/apache/activemq-artemis/pull/5993] to address the
SecurityManager compatibility issues and support building/testing/running on
newer JDKs such as Java 24 / 25 and help ease issues with those beyond that.
I decided not to further complicate the build to special case Java 23, since
its behaviour differs from any JDK before or after, and at this stage usage
should be moving to the newer versions such as 25. So for Java 23 only you
would still need to use one of the workarounds:
Set -Djava.security.manager=allow (e.g adding via the available options env
variables, or even just adding it to the artemis.profile file).
Or, disabling the audit logging logger that gates the main use of
Subject.subject() that causes failures when the above flag is not set.
https://issues.apache.org/jira/browse/ARTEMIS-4975?focusedCommentId=18029983&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-18029983
> AuditLogger causes UOE on Java 23 without -Djava.security.manager=allow
> -----------------------------------------------------------------------
>
> Key: ARTEMIS-4975
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4975
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 2.31.2
> Reporter: Stephane Nicoll
> Assignee: Robbie Gemmell
> Priority: Major
>
> Using Artemis with Java 23 leads to the following exception on startup:
> {noformat}
> java.lang.UnsupportedOperationException: getSubject is supported only if
> a security manager is allowed
> at java.base/javax.security.auth.Subject.getSubject(Subject.java:347)
> at
> org.apache.activemq.artemis.logs.AuditLogger.getCaller(AuditLogger.java:68)
> at
> org.apache.activemq.artemis.logs.AuditLogger.getNotificationInfo(AuditLogger.java:1114)
> at
> org.apache.activemq.artemis.core.management.impl.ActiveMQServerControlImpl.getNotificationInfo(ActiveMQServerControlImpl.java:4277)
> at
> java.management/com.sun.jmx.mbeanserver.MBeanIntrospector.findNotifications(MBeanIntrospector.java:446)
> at
> java.management/com.sun.jmx.mbeanserver.MBeanIntrospector.getMBeanInfo(MBeanIntrospector.java:392)
> at
> java.management/com.sun.jmx.mbeanserver.MBeanSupport.<init>(MBeanSupport.java:139)
> at
> java.management/com.sun.jmx.mbeanserver.StandardMBeanSupport.<init>(StandardMBeanSupport.java:60)
> at
> java.management/javax.management.StandardMBean.construct(StandardMBean.java:181)
> at
> java.management/javax.management.StandardMBean.<init>(StandardMBean.java:232)
> at
> org.apache.activemq.artemis.core.management.impl.AbstractControl.<init>(AbstractControl.java:49)
> at
> org.apache.activemq.artemis.core.management.impl.ActiveMQServerControlImpl.<init>(ActiveMQServerControlImpl.java:189)
> at
> org.apache.activemq.artemis.core.server.management.impl.ManagementServiceImpl.registerServer(ManagementServiceImpl.java:217)
> at
> org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.initialisePart1(ActiveMQServerImpl.java:3302)
> at
> org.apache.activemq.artemis.core.server.impl.LiveOnlyActivation.run(LiveOnlyActivation.java:70)
> at
> org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.internalStart(ActiveMQServerImpl.java:720)
> at
> org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.start(ActiveMQServerImpl.java:610)
> at
> org.apache.activemq.artemis.core.server.embedded.EmbeddedActiveMQ.start(EmbeddedActiveMQ.java:134)
> at
> java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
> at java.base/java.lang.reflect.Method.invoke(Method.java:580)
> {noformat}
> With the Security Manager being disallowed by default, it looks like
> https://bugs.openjdk.org/browse/JDK-8327134 is relevant.
> Let me know if a reproducer is necessary but I found out running Spring
> Boot's test suite with Java 23 so it should be pretty straightforward to
> reproduce.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
