On Mon, 10 Jun 2024 11:28:28 GMT, Kevin Walls <kev...@openjdk.org> wrote:
> JMX uses APIs related to the Security Mananger which are deprecated. Use of > AccessControlContext will be removed when Security Manager is removed. > > Until then, updates are needed to not require setting > -Djava.security.manager=allow to use JMX authentication. src/java.management.rmi/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java line 1634: > 1632: } else { > 1633: // We have ACC therefore SM is permitted, and > Subject must be non-null: > 1634: return Subject.doAs(subject, > (PrivilegedExceptionAction<T>) () -> > AccessController.doPrivileged((PrivilegedExceptionAction<T>) () -> > wrappedClass.cast(mo.get()), acc)); This is not readable. If you create the PAEs explicitly then the casts will go away and it will be much easier to read. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/19624#discussion_r1633351429