TLDR: Payara 5 seems to work fine
with java.security.{Certificate,Identity,IdentityScope,Signer} classes
removedI have been exploring the effects of removing these APIs on JBoss Wildfly > 20, the latest version to support Java EE 8. > Repeating the experiment using Payara 5 shows similar results to Wildfly 20. EJBs calling methods in EJBContext continue to work as expected with 21-internal. If the deprecated EJBContext.getCallerIdentity() method is called, an exception is thrown (not because of the API removal, but because Payara decided to throw for this method): Caused by: java.lang.RuntimeException: getCallerIdentity() is deprecated, > please use getCallerPrincipal(). > at > com.sun.ejb.containers.EJBContextImpl.getCallerIdentity(EJBContextImpl.java:382) I had to make a minor change to Payara 5 to make it run on Java 21, which was to upgrade ASM from 9.4 to 9.5. I'll consider a PR for this, although it seems they don't plan any more releases of Payara 5 Community edition. Maybe a PR can prod them to upgrade the Enterprise offering. Cheers, Eirik.
