使用Jaxb和JDK 9在applet中进行非法反射访问 [英] Illegal reflective access in an applet with Jaxb and JDK 9
问题描述
我有一个Java applet,它提供了一个GUI来调用Web服务。它使用Jaxb来解析XML数据并将其解组为对象。它使用Java 1.5到1.8正确运行。使用Java 9,不是那么多。
I have a Java applet which provides a GUI to invoke a web service. It uses Jaxb to parse the XML data and unmarshall it into objects. It runs correctly with Java 1.5 to 1.8. With Java 9, not so much.
我使用容器HTML在Internet Explorer 8 + JDK 9中启动它:
I use a container HTML to launch it in Internet Explorer 8 + JDK 9:
<applet code="com.blah.MyApplet" archive="myFatJarWithDependencies.jar" mayscript>
<param name="cache_option" value="no" />
</applet>
小程序加载正常并且似乎有效;但是,一旦我连接到Web服务,种类就会停止工作。 我已将其缩小到此代码片段(其中 Foo 是一个带有XML绑定注释的自动生成的类):
The applet loads fine and seems to work; however, once I connect to the web service, it kind of stops working. I have narrowed it down to this code fragment (where Foo is an auto-generated class with XML bind annotations):
System.out.println("1");
JAXBContext jc = JAXBContext.newInstance(Foo.class);
System.out.println("2");
Java的控制台显示 1 ,然后什么都没有:它没有崩溃,applet仍然响应鼠标点击,它不会抛出任何异常......似乎根本就没有错误。除了它没有对收到的数据做任何事情,它从不输出 2 。我已经尝试了替代 JAXBContext.newInstance 方法(包名,包名加上类加载器),但它们都是一样的。
Java's console shows the 1, and then... nothing: it doesn't crash, the applet is still responsive to mouse clicks, it doesn't throw any exceptions... there seems to be no error at all. Except for the fact that it doesn't do anything with the received data, and it never outputs the 2. I've tried alternative JAXBContext.newInstance methods (with a package name, with a package name plus a class loader), but they all do the same.
如果我使用相同的JDK 9从Eclipse Oxygen运行项目,那么 工作。当我连接到Web服务时,它会输出一些警告,包括:
If I run the project from Eclipse Oxygen with the same JDK 9, it does work. When I connect to the web service, it outputs a few warnings, including these:
WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector
(file:/C:/.../.m2/repository/com/sun/xml/bind/jaxb-impl/2.0/jaxb-impl-2.0.jar) to method
java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int)
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access
operations
但随后它继续并加载数据(并将 2 输出到控制台)。我的猜测是同样的问题,即使Java控制台中没有显示警告。 当IE从IE运行时,JDK默认为 - illegal-access = deny ?或者默默地拒绝 - 所以 - 用户 - 不要发生什么事情 ......
But then it goes on and loads the data (and outputs the 2 to the console). My guess is it's the same problem, even if the warnings are not shown in the Java console. Maybe the JDK defaults to --illegal-access=deny when it's being run from IE? Or "silently-deny-so-the-user-dont-have-a-clue-on-whats-happening"...
有没有办法可以将 - illegal-access = permit 选项传递给JVM?(请记住,我是'我没有直接调用JVM,我只有一个< applet> html标签)
Is there any way in which I can pass the --illegal-access=permit option to the JVM? (Keep in mind that I'm not directly invoking the JVM, I only have an <applet> html tag)
还有其他方法可以使它工作吗?也许在我的applet的清单文件中添加额外的东西? (顺便说一下,这看起来像这样):
Is there any other way to make it work? Perhaps add something extra in my applet's manifest file? (Which, by the way, looks like this):
Manifest-Version: 1.0
Build-Jdk: 1.8.0_144
Application-name: Blah
Permissions: all-permissions
Sealed: true
Name: blah/Blah.class
SHA-256-Digest: kpf244234234..ahjsdfksf=
...
这些是我最初使用的Jaxb依赖项:
These are the Jaxb dependencies I was using originally:
- javax.xml.bind:jaxb-api:2.0
- com.sun.xml.bind:jaxb-impl:2.0
- com.sun.xml.bind:jaxb-xjc:2.0
我尝试将它们从v2.0更新到v2.3.0,其中应该与Java 9兼容:
I tried updating them from v2.0 to v2.3.0, which are supposed to be compatible with Java 9:
- javax.xml.bind:jaxb-api:2.3.0
- com.sun.xml.bind:jaxb-impl:2.3.0
- com.sun.xml.bind:jaxb-core:2.3.0
- com.sun.x ml.bind:jaxb-xjc:2.3.0
- javax.xml.bind : jaxb-api : 2.3.0
- com.sun.xml.bind : jaxb-impl : 2.3.0
- com.sun.xml.bind : jaxb-core : 2.3.0
- com.sun.xml.bind : jaxb-xjc : 2.3.0
但问题仍然存在。在 nullpointer的答案之后也试过这些,但没有运气:
But the problem still persists. Also tried these after nullpointer's answer, with no luck either:
- javax.xml.bind:jaxb-api:2.1
- javax.xml:jaxb-impl:2.1
- 删除了jaxb-xjc,显然它不需要......
推荐答案
也许当JDK从IE运行时,JDK默认为 - illegal-access = deny
Maybe the JDK defaults to --illegal-access=deny when it's being run from IE?
不,JDK的当前默认模式仅为 permit 。
No, the current default mode of JDK is permit only.
- illegal-access = permit打开
运行时映像中每个模块中的每个包,以编码所有未命名模块中的代码,即
类路径上的代码,如果该包存在于JDK 8中。这将启用静态
访问,即通过编译的字节码和深度反射访问,通过
平台的各种反射API。
--illegal-access=permitopens each package in each module in the run-time image to code in all unnamed modules, i.e., to code on the class path, if that package existed in JDK 8. This enables both static access, i.e., by compiled bytecode, and deep reflective access, via the platform's various reflection APIs.
第一个反射 - 交流对任何此类包进行cess操作会导致发出
警告,但在该点之后不会发出警告。
此单一警告描述了如何启用进一步的警告。无法抑制此
警告。
The first reflective-access operation to any such package causes a warning to be issued, but no warnings are issued after that point. This single warning describes how to enable further warnings. This warning cannot be suppressed.
此模式是JDK 9中的默认模式。它将在未来的
版本中逐步淘汰,并最终被删除。
This mode is the default in JDK 9. It will be phased out in a future release and, eventually, removed.
还有其他方法可以使其正常工作吗?
使用 jaxb-api 建议你关注这个答案确保您的模块使用 javax.xml.bind:jaxb-api:2.3.0 而不是 com / sun / xml / bind / jaxb-impl / 2.0 / jaxb-impl-2.0.jar 如您的日志中所示。
For using the jaxb-api would suggest you follow this answer to make sure that your module uses the javax.xml.bind:jaxb-api:2.3.0 instead of com/sun/xml/bind/jaxb-impl/2.0/jaxb-impl-2.0.jar as seen in your logs.
您可以配置 maven-compiler-plugin:3.7.0 ,如这里的文档,用于在不同的执行中将源代码从1.5编译到JDK 8,在备用执行中编译JDK。
You can configure the maven-compiler-plugin:3.7.0 as stated in the documentation here to compile sources from 1.5 to JDK 8 in different execution and JDK in alternate execution.
这篇关于使用Jaxb和JDK 9在applet中进行非法反射访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
