[CALCITE-6590] Handle security deprecation using code templates

core/build.gradle.kts

@@ -68,6 +68,15 @@ val filterJava by tasks.registering(Sync::class) {
             x.replace("${'$'}{avatica.release.version}", project.version.toString())
         }
     }
+    if (JavaVersion.current() >= JavaVersion.VERSION_18) {
+        from("$projectDir/src/main/java18") {
+            include("**/*.java")
+        }
+    } else {
+        from("$projectDir/src/main/java8") {
+            include("**/*.java")
+        }
+    }
     into(javaFilteredOutput)
 }
 

core/src/main/java/org/apache/calcite/avatica/remote/DoAsAvaticaHttpClient.java

@@ -16,9 +16,10 @@
  */
 package org.apache.calcite.avatica.remote;
 
+import org.apache.calcite.avatica.util.SecurityUtil;
+
 import java.security.PrivilegedAction;
 import java.util.Objects;
-import javax.security.auth.Subject;
 
 /**
  * HTTP client implementation which invokes the wrapped HTTP client in a doAs with the provided
@@ -34,7 +35,7 @@ public DoAsAvaticaHttpClient(AvaticaHttpClient wrapped, KerberosConnection kerbe
   }
 
   @Override public byte[] send(final byte[] request) {
-    return Subject.doAs(kerberosUtil.getSubject(), new PrivilegedAction<byte[]>() {
+    return SecurityUtil.callAs(kerberosUtil.getSubject(), new PrivilegedAction<byte[]>() {
       @Override public byte[] run() {
         return wrapped.send(request);
       }

core/src/main/java18/org/apache/calcite/avatica/util/SecurityUtil.java

@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.calcite.avatica.util;
+
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import javax.security.auth.Subject;
+
+public final class SecurityUtil {
+
+  private SecurityUtil() {}
+
+  public static <T> T callAs(Subject subject, PrivilegedAction<T> action) {
+    return Subject.callAs(subject, action::run);
+  }
+
+  public static <T> T callAs(Subject subject, PrivilegedExceptionAction<T> action)
+      throws PrivilegedActionException {
+    return Subject.callAs(subject, action::run);
+  }
+
+  public static <T> T doPrivileged(PrivilegedAction<T> action) {
+    return action.run();
+  }
+
+  public static Subject currentSubject() {
+    return Subject.current();
+  }
+}

core/src/main/java8/org/apache/calcite/avatica/util/SecurityUtil.java

@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.calcite.avatica.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import javax.security.auth.Subject;
+
+public final class SecurityUtil {
+
+  private SecurityUtil() {}
+
+  public static <T> T callAs(Subject subject, PrivilegedAction<T> action) {
+    return Subject.doAs(subject, action);
+  }
+
+  public static <T> T callAs(Subject subject, PrivilegedExceptionAction<T> action)
+      throws PrivilegedActionException {
+    return Subject.doAs(subject, action);
+  }
+
+  public static <T> T doPrivileged(PrivilegedAction<T> action) {
+    return AccessController.doPrivileged(action);
+  }
+
+  public static Subject currentSubject() {
+    return Subject.getSubject(AccessController.getContext());
+  }
+}

server/src/main/java/org/apache/calcite/avatica/server/HttpServer.java

@@ -21,6 +21,7 @@
 import org.apache.calcite.avatica.remote.Driver.Serialization;
 import org.apache.calcite.avatica.remote.Service;
 import org.apache.calcite.avatica.remote.Service.RpcMetadataResponse;
+import org.apache.calcite.avatica.util.SecurityUtil;
 
 import org.eclipse.jetty.security.Authenticator;
 import org.eclipse.jetty.security.ConfigurableSpnegoLoginService;
@@ -205,7 +206,7 @@ static AvaticaHandler wrapJettyHandler(Handler handler) {
   public void start() {
     if (null != subject) {
       // Run the start in the privileged block (as the kerberos-identified user)
-      Subject.doAs(subject, new PrivilegedAction<Void>() {
+      SecurityUtil.callAs(subject, new PrivilegedAction<Void>() {
         @Override public Void run() {
           internalStart();
           return null;

server/src/main/java/org/apache/calcite/avatica/server/SubjectPreservingPrivilegedThreadFactory.java

@@ -16,7 +16,8 @@
  */
 package org.apache.calcite.avatica.server;
 
-import java.security.AccessController;
+import org.apache.calcite.avatica.util.SecurityUtil;
+
 import java.security.PrivilegedAction;
 import java.util.concurrent.ThreadFactory;
 import javax.security.auth.Subject;
@@ -40,10 +41,10 @@ class SubjectPreservingPrivilegedThreadFactory implements ThreadFactory {
    * @return a new thread, protected from classloader pinning, but keeping the current Subject
    */
   public Thread newThread(Runnable runnable) {
-    Subject subject = Subject.getSubject(AccessController.getContext());
-    return AccessController.doPrivileged(new PrivilegedAction<Thread>() {
+    Subject subject = SecurityUtil.currentSubject();
+    return SecurityUtil.doPrivileged(new PrivilegedAction<Thread>() {
       @Override public Thread run() {
-        return Subject.doAs(subject, new PrivilegedAction<Thread>() {
+        return SecurityUtil.callAs(subject, new PrivilegedAction<Thread>() {
           @Override public Thread run() {
             Thread thread = new Thread(runnable);
             thread.setDaemon(true);

server/src/test/java/org/apache/calcite/avatica/AvaticaSpnegoTest.java

@@ -19,6 +19,7 @@
 import org.apache.calcite.avatica.remote.Driver;
 import org.apache.calcite.avatica.server.AvaticaJaasKrbUtil;
 import org.apache.calcite.avatica.server.HttpServer;
+import org.apache.calcite.avatica.util.SecurityUtil;
 
 import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.client.KrbConfig;
@@ -217,7 +218,7 @@ public AvaticaSpnegoTest(String jdbcUrl) {
       // The name of the principal
 
       // Run this code, logged in as the subject (the client)
-      Subject.doAs(clientSubject, new PrivilegedExceptionAction<Void>() {
+      SecurityUtil.callAs(clientSubject, new PrivilegedExceptionAction<Void>() {
         @Override public Void run() throws Exception {
           try (Connection conn = DriverManager.getConnection(jdbcUrl)) {
             try (Statement stmt = conn.createStatement()) {

server/src/test/java/org/apache/calcite/avatica/SpnegoTestUtil.java

@@ -19,6 +19,7 @@
 import org.apache.calcite.avatica.remote.KerberosConnection;
 import org.apache.calcite.avatica.remote.Service.RpcMetadataResponse;
 import org.apache.calcite.avatica.server.AvaticaHandler;
+import org.apache.calcite.avatica.util.SecurityUtil;
 
 import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
@@ -38,7 +39,6 @@
 import java.io.OutputStreamWriter;
 import java.net.ServerSocket;
 import java.nio.charset.StandardCharsets;
-import java.security.AccessController;
 import java.security.Principal;
 import java.security.PrivilegedAction;
 import javax.security.auth.login.Configuration;
@@ -138,7 +138,7 @@ public static void refreshJaasConfiguration() {
     // Configuration keeps a static instance of Configuration that it will return once it
     // has been initialized. We need to nuke that static instance to make sure our
     // serverSpnegoConfigFile gets read.
-    AccessController.doPrivileged(new PrivilegedAction<Configuration>() {
+    SecurityUtil.doPrivileged(new PrivilegedAction<Configuration>() {
       public Configuration run() {
         return Configuration.getConfiguration();
       }

server/src/test/java/org/apache/calcite/avatica/server/HttpServerSpnegoWithoutJaasTest.java

@@ -22,6 +22,7 @@
 import org.apache.calcite.avatica.SpnegoTestUtil;
 import org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientImpl;
 import org.apache.calcite.avatica.remote.CommonsHttpClientPoolCache;
+import org.apache.calcite.avatica.util.SecurityUtil;
 
 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
 import org.apache.kerby.kerberos.kerb.KrbException;
@@ -216,7 +217,7 @@ private static void setupUsers(File keytabDir) throws KrbException {
     final String principalName = clientPrincipals.iterator().next().getName();
 
     // Run this code, logged in as the subject (the client)
-    byte[] response = Subject.doAs(clientSubject, new PrivilegedExceptionAction<byte[]>() {
+    byte[] response = SecurityUtil.callAs(clientSubject, new PrivilegedExceptionAction<byte[]>() {
       @Override public byte[] run() throws Exception {
         // Logs in with Kerberos via GSS
         GSSManager gssManager = GSSManager.getInstance();