-
Task
-
Resolution: Done
-
Major
-
None
In Java 24, the security manager is being disabled. The API's will remain until some further releases, but errors will occur if there is an attempt to enable the security manager. WildFly needs to be prepared for this and print a warning, maybe error, if there was an attempt to enable the security manager on Java 24+.
Currently Elytron attempts to set a policy which produces this exception:
09:16:21,463 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service org.wildfly.security.policy: org.jboss.msc.service.StartException in service org.wildfly.security.policy: Failed to start service at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1609) at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1438) at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363) at java.base/java.lang.Thread.run(Thread.java:1447) Caused by: java.lang.RuntimeException: WFLYELY01022: Failed to set policy [java.security.Policy$1@153db5a7] at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.setPolicy(PolicyDefinitions.java:209) at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.start(PolicyDefinitions.java:185) at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1617) at org.jboss.msc@1.5.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1580) ... 6 more Caused by: java.lang.UnsupportedOperationException: Setting a system-wide Policy object is not supported at java.base/java.security.Policy.setPolicy(Policy.java:114) at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.lambda$setPolicyAction$0(PolicyDefinitions.java:215) at org.wildfly.extension.elytron@27.0.0.Beta3-SNAPSHOT//org.wildfly.extension.elytron.PolicyDefinitions$2$1.setPolicy(PolicyDefinitions.java:206) ... 9 more
This is due to the default jacc policy. The simple solution will be to remove the policy for testing. However, I'm not sure if we should do anything by default. If we do not think we need to or should do anything by default, feel free to close this issue as "Won't Do"
[WFCORE-7059] Prepare Jakarta Authorizartion for the security manager being disabled in Java 24
Brian Stansberry
added a comment - Hmm, does this mean EE 10 JACC won't work on SE 24? 
Yes. The java.security.Policy has been deprecated since Java SE 17. Things like Policy.setPolicy() to set the global policy throw an exception now.
FWIW the stack trace is what made me move this issue to WFCORE. Maybe it should be a WFLY issue though. I'm not sure where the best place for it is, but here seems fine for now.