Details
-
Improvement
-
Resolution: Unresolved
-
Major - P3
-
None
-
None
Description
The driver uses Subject#doAs in SaslAuthenticator.
However, Subject#doAs was deprecated for removal in Java 18, and Subject#callAs was added in the same release. This is related to the deprecation of the Security Manager.
To protect against the driver breaking when used against a future version of Java where Subject#doAs has actually been removed, we should replace the usage with Subject#callAs. However, we can't do that simply given that we have to run against Java release prior to Java 18. To work around this, we need to detect dynamically whether Subject#callAs is available, and then call it reflectively if it is. We should probably call Subject#doAs reflectively as well to avoid a compile- or link-time dependency on it.