You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
ProxyTrust has been deprecated for some time, this API adds a lot of complexity, the original implementation made the assumption that Java Serialization was secure, so would validate the deserialized state of a proxy, after it had been deserialized.
Describe the solution you'd like
Removal of ProxyTrust API's
Describe alternatives you've considered
Retention for backward compatibility. JGDMS is already a significantly complex platform, the ProxyTrust API's add a significant level of complexity, having it around only causes confusion for new users, this api provides no security benefit. We could move it to the Jini compatibility library and remove any dependencies, make all methods no-op's, just have it around for runtime compatibility.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
ProxyTrust has been deprecated for some time, this API adds a lot of complexity, the original implementation made the assumption that Java Serialization was secure, so would validate the deserialized state of a proxy, after it had been deserialized.
Describe the solution you'd like
Removal of ProxyTrust API's
Describe alternatives you've considered
Retention for backward compatibility. JGDMS is already a significantly complex platform, the ProxyTrust API's add a significant level of complexity, having it around only causes confusion for new users, this api provides no security benefit. We could move it to the Jini compatibility library and remove any dependencies, make all methods no-op's, just have it around for runtime compatibility.
The text was updated successfully, but these errors were encountered: