Hi, Just FYI, I got working with java 24 by removing the policies
Remove lines 424 to 432 in https://github.com/apache/tomee/blob/main/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java#L424 Also, if you deploy with intellij (which uses a openejb deployer), you will need to remove the checkPermission in https://github.com/apache/tomee/blob/main/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java#L389 If you still want to check permissions you can do this dirty hack: if ("openejb/Deployer".equals(ejbName) || type == BUSINESS_LOCALBEAN_HOME || type == LOCALBEAN) { return true; } Finally, you also need to disable https://github.com/apache/tomee/blob/main/server/openejb-client/src/main/java/org/apache/openejb/client/JaasIdentityResolver.java#L28 by returning null. These are dirty workarounds, I don't know the implications, but they are ok for our use case. On Fri, Apr 4, 2025 at 10:48 AM Richard Zowalla <r...@apache.org> wrote: > Hi, > > You can open a Jira at https://issues.apache.org/jira/projects/TOMEE/ > > Currently, there is no issue to track Java 24 support since the part of > TomEE using SecurityManager wasn’t reworked yet nor did we test with Java > 24 and our 3rd party dependencies. > > If you have some capacity, feel free to propose a PR to rework that part > of TomEE. > > Gruß > Richard > > > Am 04.04.2025 um 10:28 schrieb Wolfgang Knauf > <wolfgang.kn...@gmx.de.INVALID>: > > > > Hi all, > > > > (sorry if this is a duplicate one, I already sent it a few days ago, but > as it did not appear, I think it might be related to the fact that I did > not subscribe to the list) > > > > TomEE 10.0.1 fails to launch with Java 24: > > > > 01-Apr-2025 13:10:36.888 SCHWERWIEGEND [main] > org.apache.openejb.util.OpenEJBErrorHandler.handleUnknownError FATAL ERROR: > Unknown error in Assembler. Please send the following stack trace and this > message to users@tomee.apache.org : > > org.apache.xbean.recipe.ConstructionException: Error invoking > constructor: public org.apache.tomee.catalina.TomcatSecurityService() > > at > org.apache.xbean.recipe.ReflectionUtil$ConstructorFactory.create(ReflectionUtil.java:981) > > at > org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:279) > > at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96) > > at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61) > > at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:49) > > at > org.apache.openejb.assembler.classic.Assembler.createSecurityService(Assembler.java:3553) > > at > org.apache.openejb.assembler.classic.Assembler.buildContainerSystem(Assembler.java:579) > > at > org.apache.openejb.assembler.classic.Assembler.build(Assembler.java:497) > > at org.apache.openejb.OpenEJB$Instance.<init>(OpenEJB.java:150) > > at org.apache.openejb.OpenEJB.init(OpenEJB.java:307) > > at > org.apache.tomee.catalina.TomcatLoader.initialize(TomcatLoader.java:244) > > at > org.apache.tomee.catalina.ServerListener.lifecycleEvent(ServerListener.java:161) > > at > org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:109) > > at > org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:389) > > at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:123) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:712) > > at org.apache.catalina.startup.Catalina.load(Catalina.java:735) > > at > java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104) > > at java.base/java.lang.reflect.Method.invoke(Method.java:565) > > at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472) > > Caused by: java.lang.IllegalStateException: Could not install JACC > Policy Provider: org.apache.openejb.core.security.JaccProvider$Policy > > at > org.apache.openejb.core.security.AbstractSecurityService.installPolicy(AbstractSecurityService.java:443) > > at > org.apache.openejb.core.security.AbstractSecurityService.installJacc(AbstractSecurityService.java:431) > > at > org.apache.openejb.core.security.AbstractSecurityService.<init>(AbstractSecurityService.java:94) > > at > org.apache.openejb.core.security.AbstractSecurityService.<init>(AbstractSecurityService.java:88) > > at > org.apache.tomee.catalina.TomcatSecurityService.<init>(TomcatSecurityService.java:55) > > at > java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62) > > at > java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499) > > at > java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:483) > > at > org.apache.xbean.recipe.ReflectionUtil$ConstructorFactory.create(ReflectionUtil.java:971) > > ... 20 more > > Caused by: java.lang.UnsupportedOperationException: Setting a > system-wide Policy object is not supported > > at java.base/java.security.Policy.setPolicy(Policy.java:114) > > at > org.apache.openejb.core.security.AbstractSecurityService.installPolicy(AbstractSecurityService.java:441) > > ... 28 more > > > > > > > > Is there something I should do about this (file a JIRA issue), or is the > Java 24 support already on your roadmap? > > > > Best regards > > > > Wolfgang > >
