Rebecca Searls created CXF-7894:
-----------------------------------
Summary: ReflectionUtil, JDK-9+ warnings for illegal reflective
access operation
Key: CXF-7894
URL: https://issues.apache.org/jira/browse/CXF-7894
Project: CXF
Issue Type: Improvement
Components: Core
Reporter: Rebecca Searls
Fix For: 3.2.8, 3.2.5
wfly script wsconsume uses CXF. With JDk-9, JDK-10 and JDK-11 the following
warning is always presented.
{code:java}
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by
org.apache.cxf.common.util.ReflectionUtil$11
(jar:file:/home/rsearls/j1/wfly10/wildfly/dist/target/wildfly-15.0.0.Alpha1-SNAPSHOT/modules/system/layers/base/org/apache/cxf/main/cxf-core-3.2.5-jbossorg-1.jar!/)
to field java.net.Authenticator.theAuthenticator
WARNING: Please consider reporting this to the maintainers of
org.apache.cxf.common.util.ReflectionUtil$11
WARNING: Use --illegal-access=warn to enable warnings of further illegal
reflective access operations
WARNING: All illegal access operations will be denied in a future release
{code}
This message can be seen in wfly versions 12, 13, 14, and master with any of the
3 JDK versions listed.
This was a known issue starting with JDK-9. At that time Mark Reinhold
proposed temporary flag, "--illegal-access=permit". The default setting is
"permit". (see,
https://jaxenter.com/jdk-9-replace-permit-illegal-access-134180.html)
The JDK team continues to support this flag in jdk-10 and jdk-11.
Flag option "--illegal-access=debug" prints the warning and a stacktrace for
each illegal reflective access operation.
This flag must be placed in JAVA_OPTS in order for the script to place it
in the correct commend-line position. If this option is placed on the script's
commend-line it is passed to the java class being executed not the java cmd
itself.
Using the "--illegal-access=debug" shows the warnings for line
org.apache.cxf.common.util.ReflectionUtil$11.run(ReflectionUtil.java:194)
{code:java}
public static <T extends AccessibleObject> T setAccessible(final T o) {
return AccessController.doPrivileged(new PrivilegedAction<T>() {
public T run() {
>>> o.setAccessible(true);
return o;
}
});
}
{code}
The stacktrace using the option "--illegal-access=debug" follows.
{code:java}
WARNING: Illegal reflective access by
org.apache.cxf.common.util.ReflectionUtil$11
(jar:file:/home/rsearls/j1/wfly10/wildfly/dist/target/wildfly-15.0.0.Alpha1-SNAPSHOT/modules/system/layers/base/org/apache/cxf/main/cxf-core-3.2.5-jbossorg-1.jar!/)
to field java.net.URLClassLoader.acc
at
[email protected]//org.apache.cxf.common.util.ReflectionUtil$11.run(ReflectionUtil.java:194)
at
[email protected]//org.apache.cxf.common.util.ReflectionUtil$11.run(ReflectionUtil.java:192)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at
[email protected]//org.apache.cxf.common.util.ReflectionUtil.setAccessible(ReflectionUtil.java:192)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.CXFAuthenticator.addAuthenticator(CXFAuthenticator.java:104)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.URLConnectionHTTPConduit.<init>(URLConnectionHTTPConduit.java:90)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit.<init>(AsyncHTTPConduit.java:115)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory.createConduit(AsyncHTTPConduitFactory.java:267)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory.createConduit(AsyncHTTPConduitFactory.java:258)
at
[email protected]//org.jboss.wsf.stack.cxf.client.configuration.AbstractHTTPConduitFactoryWrapper.createConduit(AbstractHTTPConduitFactoryWrapper.java:57)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.HTTPTransportFactory.getConduit(HTTPTransportFactory.java:233)
at
org.apache.cxf.impl//org.apache.cxf.transport.http.HTTPTransportFactory.getConduit(HTTPTransportFactory.java:215)
at
[email protected]//org.apache.cxf.transport.TransportURIResolver.resolve(TransportURIResolver.java:115)
at
org.apache.cxf.impl//org.apache.cxf.wsdl11.CatalogWSDLLocator.getBaseInputSource(CatalogWSDLLocator.java:74)
at
org.apache.cxf.impl//org.apache.cxf.wsdl11.AbstractWrapperWSDLLocator.getBaseInputSource(AbstractWrapperWSDLLocator.java:58)
at
org.apache.cxf.impl//org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.java:225)
at
org.apache.cxf.impl//org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.java:165)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.core.WSDLDefinitionBuilder.parseWSDL(WSDLDefinitionBuilder.java:80)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.core.WSDLDefinitionBuilder.build(WSDLDefinitionBuilder.java:71)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.frontend.jaxws.wsdl11.JAXWSDefinitionBuilder.build(JAXWSDefinitionBuilder.java:84)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.frontend.jaxws.wsdl11.JAXWSDefinitionBuilder.build(JAXWSDefinitionBuilder.java:61)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.processWsdl(WSDLToJavaContainer.java:195)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:164)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.WSDLToJavaContainer.execute(WSDLToJavaContainer.java:412)
at
org.apache.cxf.impl//org.apache.cxf.tools.common.toolspec.ToolRunner.runTool(ToolRunner.java:105)
at
org.apache.cxf.impl//org.apache.cxf.tools.wsdlto.WSDLToJava.run(WSDLToJava.java:113)
at
[email protected]//org.jboss.wsf.stack.cxf.tools.CXFConsumerImpl.consume(CXFConsumerImpl.java:303)
at
[email protected]//org.jboss.ws.tools.cmd.WSConsume.importServices(WSConsume.java:298)
at
[email protected]//org.jboss.ws.tools.cmd.WSConsume.mainInternal(WSConsume.java:108)
at
[email protected]//org.jboss.ws.tools.cmd.WSConsume.main(WSConsume.java:96)
at org.jboss.modules.Module.run(Module.java:352)
at org.jboss.modules.Module.run(Module.java:320)
{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
