JDK-8227564 : Release Note: Allow SASL Mechanisms to Be Restricted
- Type: Sub-task
- Component: security-libs
- Sub-Component: javax.security
- Affected Version: 7u251,8u241,11.0.6-oracle,13
- Priority: P3
- Status: Closed
- Resolution: Delivered
- Submitted: 2019-07-11
- Updated: 2019-09-04
- Resolved: 2019-07-25
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 13 | JDK 7 | JDK 8 |
|---|---|---|---|
| 11.0.6-oracleResolved | 13Resolved  |
7u251Resolved | 8u241Resolved |
Description
A security property named `jdk.sasl.disabledMechanisms` has been added that can be used to disable SASL mechanisms. Any disabled mechanism will be ignored if it is specified in the `mechanisms` argument of `Sasl.createSaslClient` or the `mechanism` argument of `Sasl.createSaslServer`. The default value for this security property is empty, which means that no mechanisms are disabled out-of-the-box.