Remove Security Manager Dependency Across Platform

[m-reza-rahman]

Since Jakarta EE 12 will likely support Java SE 21 and Java SE 25, it is necessary to remove any dependency on the Java SE Security Manager across the platform and all specifications. The Security Manager cannot be enabled by Java SE 24. The thought is that in Java 29, SecurityManager APIs may not exist or may throw an error. It looks like some of this work was done in EE 11, but not all. As an example of pending work, see: https://github.com/jakartaee/cdi/issues/831.

Specification issues

• [ ] Connectors: https://github.com/jakartaee/connectors/issues/148
• [ ] Enterprise Beans: https://github.com/jakartaee/enterprise-beans/issues/163

API update issues

• [x] Activation (issue and PR)
• [ ] Batch (issue and PR)
• [x] CDI (issue and PR)
• [ ] JSON-P (issue and PR)
• [x] Mail (issue and PR)
• [x] Persistence (issue and PR)
• [x] REST (issue and PR)
• [x] Servlet (issue and PR) (just a javadoc update)
• [x] Validation (issue and PR) (changes could be done in a service release since 3.1 was new in EE 11)

[gurunrao]

Specification issues:

• Rest:https://github.com/jakartaee/rest/issues/1262
• CDI:https://github.com/jakartaee/cdi/issues/831
• Persistence: https://github.com/jakartaee/persistence/issues/666
• Connector: https://github.com/jakartaee/connectors/issues/148

discussion Threads:

• https://www.eclipse.org/lists/jakartaee-platform-dev/threads.html#04575
• https://www.eclipse.org/lists/jakartaee-platform-dev/threads.html#04566

[jhanders34]

I have updated the description with a link to all issues in the component specifications and PRs that address the API changes to remove references to the SecurityManager in the APIs. I have marked the check box for those that have had the PR merged.