[
https://issues.apache.org/jira/browse/CALCITE-6590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885096#comment-17885096
]
Julian Hyde commented on CALCITE-6590:
--------------------------------------
{quote}
The code will not directly reference the methods, but they will be used
referenced and called indirectly via reflection
{quote}
We use that pattern a lot. See e.g. [interface
Compatible|https://github.com/apache/calcite/blob/f325fa6cdea98e75ac59a73c34eded2350fe3379/core/src/main/java/org/apache/calcite/util/Compatible.java#L32].
> Run tests with java.security.manager=allow on JDK23+ in Avatica
> ---------------------------------------------------------------
>
> Key: CALCITE-6590
> URL: https://issues.apache.org/jira/browse/CALCITE-6590
> Project: Calcite
> Issue Type: Bug
> Reporter: Julian Hyde
> Assignee: Istvan Toth
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.26.0
>
>
> Remove use of Java SecurityManager in Avatica.
> Running Avatica on JDK 23 (or JRE 23) we get the following runtime errors:
> {noformat}
> Caused by: java.lang.UnsupportedOperationException: getSubject is supported
> only if a security manager is allowed at
> java.base/javax.security.auth.Subject.getSubject(Subject.java:347) at
> org.apache.calcite.avatica.server.SubjectPreservingPrivilegedThreadFactory.newThread(SubjectPreservingPrivilegedThreadFactory.java:43)
> {noformat}
> We were warned - the {{getSubject}} method has been deprecated since JDK 18.
> The deprecation did not cause a build failure, due to CALCITE-5136.
> HADOOP-19212 is an issue with the same underlying cause.
> The message "getSubject is supported only if a security manager is allowed"
> implies that another solution would be to enable a security manager
> (including during tests, and when Avatica is used in Calcite's tests). Should
> we consider that? If so, please change the case summary.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
