On 25/01/2023 05:21, David Delabassee wrote:
<snip/>
## Heads-up - JDK 21: JMX Subject Delegation & Fine-grained Security Deprecation
JMX has some features that rely on Security Manager APIs which are
deprecated for removal (see JEP 411 [4]). These features are "Subject
Delegation" and "Fine-grained Security", which both seem to be generally
unused, and would require significant investment to implement without
touching the deprecated APIs. As a consequence, "Subject Delegation" is
being proposed for deprecation in JDK 21 [5].
Fine-grained Security is also being considered for deprecation at the
same time. This feature [6] has allowed configuration of a security
policy to restrict or permit access to specific MBean actions. It is
expected that this feature is generally unused, possibly because there
is simply no demand for such detailed control, and that it is too
complex to create and maintain the policies.
<snip/>
I never even knew that this was possible. And I thought I had read the
JMX docs reasonably thoroughly.
I have always viewed the lack of fine-grained security to be a
significant weakness in the JMX security model. I wish I had known about
this years ago.
There is a demand for fine-grained security with JMX. We have had users
express a desire to expose some parts of some JMX MBeans to a sub-set of
users.
I'm fine with the removal of the SecurityManager. Even if they had been
aware of the option, requiring the use of a SecurityManager to enable
fine-grained security with JMX may have prevented many users from
adopting the approach.
If there is any way the fine-grained security can be retained, I think
that would be useful. Maybe some sort of authorization SPI where users
can provide the answer to "Can this user with these roles call this method?"
Mark
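As an added illustration of the authorization SPI sketched above (example code written for this page, not Tomcat's or the JDK's): an MBeanServerForwarder, built with a dynamic proxy, that asks a hypothetical Authorizer before any invoke or setAttribute reaches the MBeanServer, so the "can this user with these roles call this method?" decision no longer needs a SecurityManager policy. It assumes JDK 18+ for Subject.current() and relies on the JMX RMI connector executing each remote call as the authenticated Subject; the Authorizer interface and the GUARDED method list are assumptions, not JMX API.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.security.Principal;
import java.util.Set;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.management.remote.MBeanServerForwarder;
import javax.security.auth.Subject;

/** Example authorization hook for a JMX connector (added here; not Tomcat or JDK code). */
public final class RoleCheckingForwarder implements InvocationHandler {
    /** Hypothetical SPI: may a caller holding these principals perform this action on this MBean? */
    public interface Authorizer {
        boolean allowed(Set<Principal> principals, ObjectName name, String action);
    }

    // Mutating MBeanServer operations that get a check; reads pass straight through.
    private static final Set<String> GUARDED = Set.of("invoke", "setAttribute", "setAttributes");
    private final Authorizer authorizer;
    private MBeanServer target; // supplied by the connector through setMBeanServer

    private RoleCheckingForwarder(Authorizer authorizer) { this.authorizer = authorizer; }

    /** Install with JMXConnectorServer.setMBeanServerForwarder(create(myAuthorizer)). */
    public static MBeanServerForwarder create(Authorizer authorizer) {
        return (MBeanServerForwarder) Proxy.newProxyInstance(
                MBeanServerForwarder.class.getClassLoader(),
                new Class<?>[] { MBeanServerForwarder.class }, new RoleCheckingForwarder(authorizer));
    }

    @Override
    public Object invoke(Object proxy, Method m, Object[] args) throws Throwable {
        if ("getMBeanServer".equals(m.getName())) return target;
        if ("setMBeanServer".equals(m.getName())) { target = (MBeanServer) args[0]; return null; }
        if (GUARDED.contains(m.getName())) {
            // The RMI connector runs each remote call as the authenticated Subject (JDK 18+ API).
            Subject subject = Subject.current();
            Set<Principal> principals = subject == null ? Set.of() : subject.getPrincipals();
            ObjectName name = (ObjectName) args[0];
            String action = "invoke".equals(m.getName()) ? "invoke:" + args[1] : m.getName();
            if (!authorizer.allowed(principals, name, action)) {
                throw new SecurityException("Access denied: " + action + " on " + name);
            }
        }
        try { return m.invoke(target, args); }
        catch (InvocationTargetException e) { throw e.getCause(); } // keep the MBean's own exception
    }
}
```

An Authorizer that maps principal names to a per-ObjectName allow list reproduces the readonly/readwrite split of the access file at MBean and operation granularity, which is the level of control the thread says users have asked for.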
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org