[ https://issues.apache.org/jira/browse/CXF-7815?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16669975#comment-16669975 ]
Colm O hEigeartaigh commented on CXF-7815: ------------------------------------------ Hi [~ffang], I think we should add checks in DefaultSecurityContext and AbstractSecurityContextInInterceptor for java.security.acl.Group via reflection. Otherwise, login won't work with say an older version of Karaf that uses java.security.acl.Group instead. I wonder if we should also add a check for the Karaf Group interface again via reflection? If we don't then we are breaking backwards compatibility, as CXF + Karaf would work by default using java.security.acl.Group. Colm. > Deal with java.security.acl classes being removed in Java 12 > ------------------------------------------------------------ > > Key: CXF-7815 > URL: https://issues.apache.org/jira/browse/CXF-7815 > Project: CXF > Issue Type: Bug > Affects Versions: 3.2.5 > Reporter: Alessio Soldano > Assignee: Freeman Fang > Priority: Major > Fix For: 3.3.0 > > > [https://bugs.openjdk.java.net/browse/JDK-8191138] > > The deprecated java.security.acl classes are being removed in 12. We should > be prepared for that. -- This message was sent by Atlassian JIRA (v7.6.3#76005)