fails if cf's "disable access to internal coldfusion java components" is enabled #2
Comments
|
Thanks @carehart for your investigations. I think to root reason it is failing is because JavaLoader does try to use some internal ColdFusion Java classes, and if it fails it attempts to create JavaProxy.cfc instead, see: https://github.com/markmandel/JavaLoader/blob/develop/javaloader/JavaLoader.cfc#L452-L464 If the line number is correct JavaProxy.cfc is failing when attempting to call So as a workaround, you might be able to setup the jar files using |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey, Pete. Great work with this project. Thanks so much. But I was recommending it again to someone today, and they happened to have the CF Admin feature checked for "disable access to internal coldfusion java components", and this failed. Well, it gets this error:
`java.lang.reflect.InaccessibleObjectException: Unable to make public void jdk.internal.loader.BuiltinClassLoader.loadModule(java.lang.module.ModuleReference) accessible: module java.base does not "exports jdk.internal.loader" to unnamed module @8c12524
The error occurred in D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/javaloader/JavaProxy.cfc: line 34Called from D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/javaloader/JavaLoader.cfc: line 449Called from D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/javaloader/JavaLoader.cfc: line 252Called from D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/javaloader/JavaLoader.cfc: line 50Called from D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/bolthttp.cfc: line 207Called from D:/ColdFusion2018/cfusion/wwwroot/test/bolthttp/bolthttp.cfc: line 7Called from D:/ColdFusion2018/cfusion/wwwroot/test/test-bolthttp.cfm: line 10
32 : 33 : var classLoader = createObject("java", "java.lang.ClassLoader").getSystemClassLoader(); 34 : var objectClass = classLoader.loadClass("java.lang.Object");
`
And clearly it's a havaloader issue. In fact the problem was raised there also in 2017, but there's been no movement on it.
Someone might helpfully want to point to a 2019 blog post from Ben N where he also observed the problem with Java loader (and that Admin setting). And a commenter there (Mark) proposed that a jvm arg helped him:
--add-exports=java.base/jdk.internal.loader=ALL-UNNAMEDBut sadly that did NOT help for me, with bolthttp, on CF2018 or 2021 (both running Java 11). (And the --add-exports is not supported by Java 8, so downgrading to that was not the way to get that arg to "work".
Of course, turning off the admin setting (which is enabled by default with the "secure profile" in CF) may be an option for some.
But for those who cannot, I wanted to raise this issue here in case you, Pete, or anyone else may have another suggestion to allow it to work. I realize it's a rather dormant project, and it does at least work great otherwise. Again, thanks so much for it.
The text was updated successfully, but these errors were encountered: