Migrated Tomcat Vault to be compatible with JDK18+ and Tomcat 10 by removing deprecated classes (SecurityManager, AccessController) #76
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ated classes (SecurityManager, AccessController - Tomcat Vault will not work properly on JDK18+ without doing so), and incidentally makes Tomcat Vault be compatible with Tomcat 10 (since Tomcat 10 is likely to run on JDK18+) - Also refactored Unit Tests to not use the deprecated classes, and avoids using the System property to test - Added Maven profiles to specify the Tomcat major version to build for (default major version: Tomcat 9) - Updated `INSTALL.md` with the appropriate details for building with a different Maven profile for different Tomcat versions (either major version or exact version) - Removed other minor deprecation warnings (e.g. `new Integer() is replaced with `Integer.valueOf()`
ElementUser
changed the title
ElementUser
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of Changes
Migrated Tomcat Vault to be compatible with JDK18+ by removing deprecated classes (SecurityManager, AccessController - Tomcat Vault will not work properly on JDK18+ without doing so), and incidentally makes Tomcat Vault be compatible with Tomcat 10 (since Tomcat 10 is likely to run on JDK18+).
SecurityManager was safe to remove, as the feature that was used the most was the
checkPermission()function. See this Snyk article for more details: https://snyk.io/blog/securitymanager-removed-java/Motivation
The motivation was quite simple - at my workplace, we are using Tomcat Vault for Tomcat 9 & are migrating some applications to Tomcat 10 & using JDK21 as our current LTS JDK. We wish to continue using Tomcat Vault with Tomcat 10 and JDK21, and that prompted me to work on making Tomcat Vault compatible with them.
Other minor changes
pom.xmlfile as a resultINSTALL.mdwith the appropriate details for building with a different Maven profile for different Tomcat versions (either major version or exact version)new Integer()is replaced withInteger.valueOf()maven-surefire-pluginvia a property in thepom.xmlfile, and also upgraded the version to a recent one (3.5.3)Testing
I tested this locally & on an actual Windows server at my workplace, everything works as intended with Tomcat Vault for the encrypted passwords & referencing them from Tomcat's
context.xmlfiles)The unit test suite also passed when running them.