New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Opening a connection to a jar:war: URL created by Tomcat results in an illegal reflective access warning on Java 13+ #18631
Comments
Thanks for the sample, @dschulz. I've reproduced the problem. It's caused by a combination of increased reflective access restrictions in JDK 13 and Tomcat's servlet context resource handling which causes Spring Boot's jar URL handler to try to fall back to the JDK's. This fall back requires the use of reflection and this is now restricted in JDK 13. While ugly, the failure is benign on JDK 13. It can be avoided by switching to Jetty or swapped for another warning (XNIO-330) by switching to Undertow. I don't think it's possible to fall back to the JDK's handler without using reflection so I think we'll need to rework our handler so that it copes with Tomcat's |
When illegal access is denied (
|
Here is a possible fix. It uses a different approach for falling back when the URL is a |
Any updates? |
We are seeing the same warning on Spring Boot Version 2.4.0 with jdk11 on the https://github.com/synyx/urlaubsverwaltung/ project see urlaubsverwaltung/urlaubsverwaltung#1545 |
The original sample provided no longer shows the warning. I think this is due to this Tomcat update. |
@derTobsch Can you provide instructions on how to replicate the problem with your project? Perhaps it only happens with |
fyi: we are now on Spring Boot 2.4.1.
and the warning will occur see
I hope this will help you. :-) |
The error is caused by a similar Tomcat URL This time, the Here's the stack trace:
|
Tomcat's URLs are interesting and there's probably an opportunity to replace them with our own nested JAR handling. They take the form Since the URL is |
@wilkinsona Sorry it took over a year to get to review this 😱 I think I've found another way to solve it that will work with all fallback URLs. I've pushed something in c4e4130. |
Rename "app" projects in `spring-boot-launch-script-tests` and `spring-boot-loader-tests` to something unique. See gh-18631
that is nice to hear @philwebb - thanks! :) |
This is a follow-up to #15844. As asked by @philwebb, attached is an example project.
Issue description
This warning is issued reproducibly when running fat jars (built with
(mvn|gradle) bootJar
) using springdoc-openapi dependency in Spring Boot projects. The warning is issued when accessing the URL path associated to Swagger UI provided by springdoc-openapi.Steps to reproduce
Now point a browser to http://localhost:8080 or explicitly http://localhost:8080/swagger-ui.html.
Tested with:
The text was updated successfully, but these errors were encountered: