Our company use a "traditional" J2EE type system where we have multiple application types connecting to the EAP server system, andspecifically the main client in our system being a traditional Swing desktop program that relies heavily on RMI. This is used in a distributed fashion among several offices and locations country-wide, RMI bean calls running over VPN quite seamlessly. This has worked for many years now and although we have started the process of migrating the system architecture to a different web- application -based approach it won't be happening overnight due to the sheer size of the system.
The proposed dropping of Serialization from Java (see for instance https://www.bleepingcomputer.com/news/security/oracle-plans-to-drop-java-serialization-support-the-source-of-most-security-bugs/ ) seems to me to mean that RMI will die a horrible death right there and then. Is this correct? Any idea if the Wildfly / EAP community plan to continue to support Serialization in EAP 6.X (and earlier, if anyone still used the older versions).