JDK-8200400 : Allow Sasl mechanisms to be restricted
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.security
  • Affected Version: 7,8,11,13
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-03-28
  • Updated: 2020-04-29
  • Resolved: 2019-05-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 7 JDK 8 Other
11.0.5Fixed 7u251Fixed 8-poolUnresolved openjdk7uFixed
Related Reports
Blocks :  
JDK-8200401 - Add a note in Sasl Programming guide on weak mechanisms
CSR :  
JDK-8214331 - Restrict Sasl mechanisms
Relates :  
JDK-8229767 - Typo in java.security: Sasl.createClient and Sasl.createServer
Sub Tasks
JDK-8200401 :  
Add a note in Sasl Programming guide on weak mechanisms - Resolved
JDK-8227564 :  
Release Note: Allow SASL Mechanisms to Be Restricted - Closed
Description
Most mechanisms defined in https://docs.oracle.com/javase/10/security/java-sasl-api-programming-and-deployment-guide1.htm#JSSEC-GUID-2F50B103-FE9F-459F-9EC5-B708358A7B59 are considered weak today. There should be a way to restrict the use of them.
Comments
Was just waiting on CSR last I checked. Approved now.
17-01-2020
8u CSR has been approved: https://bugs.openjdk.java.net/browse/JDK-8230491 8u backport patch has been reviewed: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-December/010774.html Can I have an approval for 8u?
16-01-2020
Fix Request (jdk8u) I'd like to request a jdk8u backport approval for this enhancement. Patch does not apply cleanly so a review has been requested: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-August/009945.html
05-08-2019
Fix Request (jdk11u) I'd like to request a jdk11u backport approval for this enhancement. Patch applies cleanly.
05-08-2019
Changing the name of the issue to be more reflective of what was actually done.
06-06-2019