RFR 8191139: Remove deprecated javax.security.auth.Policy API

Weijun Wang weijun.wang at oracle.com
Mon Mar 5 03:44:28 UTC 2018

> On Mar 3, 2018, at 2:52 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
> In the related CSR, you should also list the system/security properties that were only used with javax.security.auth.Policy and therefore are no longer necessary:
> 1. auth.policy.provider
> 2. cache.auth.policy (seems to have never been documented but I found a reference to it in some old IBM javadocs).
> 3. java.security.auth.policy
> 4. auth.policy.url.

CSR updated and re-finalized.

> For the 3rd/4th ones above, there is still some code in sun.security.provider.PolicyFile that looks for it, so it can be removed as part of this change now. Can you remove that and send an updated webrev?

http://cr.openjdk.java.net/~weijun/8191139/webrev.01/ posted. I also removed the changes to the localized resources files. They should be maintained by the translation team.


> --Sean
> On 2/24/18 4:15 AM, Weijun Wang wrote:
>> Please take a review at
>>   8191139: Remove deprecated javax.security.auth.Policy API
>>   http://cr.openjdk.java.net/~weijun/8191139/webrev.00/
>> Thanks
>> Max

More information about the security-dev mailing list