jdk icon indicating copy to clipboard operation
jdk copied to clipboard

Published 20 hours ago verified publisher icon openjdk

8326666: Remove the Java Management Extension (JMX) Subject Delegation feature

Open kevinjwalls opened this issue 1 year ago • 14 comments
trafficstars

The deprecated Subject Delegation feature in JMX will be removed.

This was marked in JDK 21 as deprecated for removal (JDK-8298966).

Progress

  • [x] Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • [x] Change must not contain extraneous whitespace
  • [x] Commit message must refer to an issue
  • [ ] Change requires CSR request JDK-8326691 to be approved

Issues

  • JDK-8326666: Remove the Java Management Extension (JMX) Subject Delegation feature (Enhancement - P3)
  • JDK-8326691: Remove the implementation of JMX Subject Delegation and degrade the applicable APIs to throw UnsupportedOperationException (CSR)

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/18025/head:pull/18025
$ git checkout pull/18025

Update a local copy of the PR:
$ git checkout pull/18025
$ git pull https://git.openjdk.org/jdk.git pull/18025/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 18025

View PR using the GUI difftool:
$ git pr show -t 18025

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/18025.diff

Webrev

Link to Webrev Comment

kevinjwalls avatar Feb 27 '24 10:02 kevinjwalls

:wave: Welcome back kevinw! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

bridgekeeper[bot] avatar Feb 27 '24 10:02 bridgekeeper[bot]

@kevinjwalls The following labels will be automatically applied to this pull request:

  • jmx
  • serviceability

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing lists. If you would like to change these labels, use the /label pull request command.

openjdk[bot] avatar Feb 27 '24 10:02 openjdk[bot]

This covers the public interface to the feature, and tests.

Locally the feature is refused during a call to getMBeanServerConnection(with a non-null delegationSubject).

Remotely, javax.management.remote.rmi.RMIConnectionImpl has methods which accept a Subject parameter for Subject Delegation. This cannot now be non-null in local usage, but an RMI Connection from an older JDK can invoke these methods with a non-null delegationSubject. Such access will be recognised and an UnsupportedOperationException will be thrown (which the client will see).

RMIConnectionImpl can be simplified, and the class SubjectDelegator removed.

JMXSubjectDomainCombiner I would like to remove separately after this is done.

kevinjwalls avatar Mar 01 '24 09:03 kevinjwalls

Webrevs

mlbridge[bot] avatar Mar 01 '24 09:03 mlbridge[bot]

In addition to Alan's remarks I believe we need new tests to verify the new behavior.

dfuch avatar Mar 04 '24 15:03 dfuch

Added a test to ensure jmxc.getMBeanServerConnection(delegationSubject) throws UnsupportedOperationException.

kevinjwalls avatar Mar 06 '24 11:03 kevinjwalls

Is there any value in keeping SubjectDelegationPermission after this change? If so, I would mark that API deprecated for removal, so that it can be removed in the next release or two.

seanjmullan avatar Mar 07 '24 19:03 seanjmullan

Are there remaining tests that test the JMX fine grained permissions feature w/o depending on subject delegation?

seanjmullan avatar Mar 07 '24 20:03 seanjmullan

Is there any value in keeping SubjectDelegationPermission after this change? If so, I would mark that API deprecated for removal, so that it can be removed in the next release or two.

No, nothing uses SubjectDelegationPermission. That can be deprecated.

Are there remaining tests that test the JMX fine grained permissions feature w/o depending on subject delegation?

Yes there are some tests other than those changed here, which use MBeanPermission in policies and become irrelevant post-SM.

kevinjwalls avatar Mar 08 '24 10:03 kevinjwalls

Is there any value in keeping SubjectDelegationPermission after this change? If so, I would mark that API deprecated for removal, so that it can be removed in the next release or two.

No issue with deprecation. I guess it can be removed once java.security.Policy is removed?

dfuch avatar Mar 11 '24 15:03 dfuch

Is there any value in keeping SubjectDelegationPermission after this change? If so, I would mark that API deprecated for removal, so that it can be removed in the next release or two.

No issue with deprecation. I guess it can be removed once java.security.Policy is removed?

Yes, or to be more precise, when the JavaPolicy implementation of java.security.Policy is removed.

seanjmullan avatar Mar 11 '24 21:03 seanjmullan

The spec change looks good to me. I leave to others to review the implementation and test changes.

Thanks!

kevinjwalls avatar Mar 13 '24 19:03 kevinjwalls

@kevinjwalls This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8326666: Remove the Java Management Extension (JMX) Subject Delegation feature

Reviewed-by: mchung, dfuchs

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been no new commits pushed to the master branch. If another commit should be pushed before you perform the /integrate command, your PR will be automatically rebased. If you prefer to avoid any potential automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

openjdk[bot] avatar Mar 13 '24 20:03 openjdk[bot]

Thanks @dfuch for the comments and review. 8-)

kevinjwalls avatar Mar 14 '24 12:03 kevinjwalls

@kevinjwalls this pull request can not be integrated into master due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout 8326666_SubjectDelegation_remove
git fetch https://git.openjdk.org/jdk.git master
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge master"
git push

openjdk[bot] avatar Mar 25 '24 09:03 openjdk[bot]

/integrate

kevinjwalls avatar Apr 04 '24 16:04 kevinjwalls

Going to push as commit 6382a1290fbd7cc8fd097a2972bfcfc06fa4de79. Since your change was applied there have been 3 commits pushed to the master branch:

  • d90e5b5b9f235cfcfc635d107e8d73cd2ce35f51: 8329546: Assume sized integral types are available
  • f3db2796b875ee9177b111a0f3da3b9566d750d6: 8327410: Add hostname option for UL file names
  • 21867c929a2f2c961148f2cd1e79d672ac278d27: 8313332: Simplify lazy jmethodID cache in InstanceKlass

Your commit was automatically rebased without conflicts.

openjdk[bot] avatar Apr 04 '24 16:04 openjdk[bot]

@kevinjwalls Pushed as commit 6382a1290fbd7cc8fd097a2972bfcfc06fa4de79.

:bulb: You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

openjdk[bot] avatar Apr 04 '24 16:04 openjdk[bot]