Release for Jakarta EE 11
Jakarta Authorization defines a low-level SPI for authorization modules, which are repositories of permissions facilitating subject based security by determining whether a given subject has a given permission, and algorithms to transform security constraints for specific containers (such as Jakarta Servlet or Jakarta Enterprise Beans) into these permissions.
The primary goal of this release is to make Jakarta Authorization future proof by adding a replacement for the Policy and generally the removal of security manager. Also make it more suitable for cloud deployments, by adding an option to add policy providers programmatically for a single application. This mirrors the API available for Jakarta Authentication.
Java SE 17 or higher
The Specification Committee Ballot completed on 11th July 2023.
| Representative | Representative for: | Vote |
|---|---|---|
| Kenji Kazumura | Fujitsu | +1 |
| Emily Jiang, Tom Watson | IBM | +1 |
| Ed Bratt, Dmitry Kornilov | Oracle | +1 |
| Andrew Pielage, Petr Aubrecht | Payara | +1 |
| David Blevins, Jean-Louis Monteiro | Tomitribe | +1 |
| Ivar Grimstad | EE4J PMC | +1 |
| Marcelo Ancelmo, Abraham Marin-Perez | Participant Members | +1 |
| Werner Keil | Committer Members | +1 |
| Zhai Luchao | Enterprise Members | +1 |
| Scott Stark | Enterprise Members | +1 |
| Total | 10 |
The ballot was run in the jakarta.ee-spec mailing list
TBD