Hi,
JAXP SecurityManager was re-designed to XMLSecurityManager to manage
jaxp related limits or restrictions. Previously, the existence of a
SecurityManager was equivalent to setting FEATURE_SECURE_PROCESSING to
true. After the change, secure processing became a property of
XMLSecurityManager, thus needs to be queried in order to determine the
status of secure processing.
Since secure processing is true by default, this bug made it impossible
to turn off secure processing on a validator through the factory when
there is no Java Security Manager.
Please review:
http://cr.openjdk.java.net/~joehw/jdk9/8049514/webrev/
Thanks,
Joe
