Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Illegal reflective access by com.fasterxml.jackson.databind.util.ClassUtil #3858

Open
DylanTheDeveloper opened this issue Apr 4, 2023 · 2 comments
Open

Illegal reflective access by com.fasterxml.jackson.databind.util.ClassUtil #3858

DylanTheDeveloper opened this issue Apr 4, 2023 · 2 comments
Labels
need-test-case To work on issue, a reproduction (ideally unit test) needed

Comments

@DylanTheDeveloper
Copy link

Describe the bug
A clear and concise description of what the bug is.
When upgrading our component to Java 11 we started seeing an illegal access warning show up for Jackson-databind.

Version information
Which Jackson version(s) was this for?
jackson-databind-2.15.0-rc2 was the latest but we were on version jackson-databind-2.13.4.2 with the same issue.

To Reproduce
If you have a way to reproduce this with:

WARNING: Illegal reflective access by com.fasterxml.jackson.databind.util.ClassUtil (file:/Users/****/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.15.0-rc2/jackson-databind-2.15.0-rc2.jar) to field java.util.logging.Handler.errorManager
                at com.fasterxml.jackson.databind.util.ClassUtil.checkAndFixAccess(ClassUtil.java:995)
                at com.fasterxml.jackson.databind.introspect.AnnotatedMember.fixAccess(AnnotatedMember.java:139)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.fixAccess(BeanPropertyWriter.java:439)
                at com.fasterxml.jackson.databind.ser.BeanSerializerBuilder.build(BeanSerializerBuilder.java:211)
                at com.fasterxml.jackson.databind.ser.BeanSerializerFactory.constructBeanOrAddOnSerializer(BeanSerializerFactory.java:473)
                at com.fasterxml.jackson.databind.ser.BeanSerializerFactory.findBeanOrAddOnSerializer(BeanSerializerFactory.java:295)
                at com.fasterxml.jackson.databind.ser.BeanSerializerFactory._createSerializer2(BeanSerializerFactory.java:240)
                at com.fasterxml.jackson.databind.ser.BeanSerializerFactory.createSerializer(BeanSerializerFactory.java:174)
                at com.fasterxml.jackson.databind.SerializerProvider._createUntypedSerializer(SerializerProvider.java:1507)
                at com.fasterxml.jackson.databind.SerializerProvider._createAndCacheUntypedSerializer(SerializerProvider.java:1455)
                at com.fasterxml.jackson.databind.SerializerProvider.findContentValueSerializer(SerializerProvider.java:789)
                at com.fasterxml.jackson.databind.ser.impl.PropertySerializerMap.findAndAddSecondarySerializer(PropertySerializerMap.java:90)
                at com.fasterxml.jackson.databind.ser.std.ObjectArraySerializer._findAndAddDynamic(ObjectArraySerializer.java:340)
                at com.fasterxml.jackson.databind.ser.std.ObjectArraySerializer.serializeContents(ObjectArraySerializer.java:250)
                at com.fasterxml.jackson.databind.ser.std.ObjectArraySerializer.serialize(ObjectArraySerializer.java:214)
                at com.fasterxml.jackson.databind.ser.std.ObjectArraySerializer.serialize(ObjectArraySerializer.java:23)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
                at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
                at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
                at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
                at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
                at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
                at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
                at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
                at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
                at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
                at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
                at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
                at com.fasterxml.jackson.databind.ser.std.ObjectArraySerializer.serializeContents(ObjectArraySerializer.java:253)

We found that our ObjectMapper was using mapper.configure(MapperFeature.SORT_PROPERTIES_ALPHABETICALLY, true);(Which is Deprecated). We upgraded the Deprecated code and still ran into the same issue. The only way to stop the warning was to add: spring: jackson: mapper: SORT_PROPERTIES_ALPHABETICALLY: true Globally to our Application.yml file.

Expected behavior
If reproduction itself needs further explanation, you may also add more details here.
No illegal reflective access warning

Additional context
Add any other context about the problem here.
@DylanTheDeveloper DylanTheDeveloper added the to-evaluate Issue that has been received but not yet evaluated label Apr 4, 2023
@pjfanning
Copy link
Member

This is discussed in #2718 and other issues.

@cowtowncoder cowtowncoder added the need-test-case To work on issue, a reproduction (ideally unit test) needed label Apr 4, 2023
@cowtowncoder
Copy link
Member

@DylanTheDeveloper problem here is that this does not indicate which Java class is being the problem -- ClassUtil will try to force access, and that's what is designed to do. But some target class is not opening access: if it's a JDK class there may be need for Jackson change; if it's app POJO then it's up to developers to give more access (or use annotations or so on).

So more information would be needed; discussion @pjfanning referenced may be of help.

@cowtowncoder cowtowncoder removed the to-evaluate Issue that has been received but not yet evaluated label Apr 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
need-test-case To work on issue, a reproduction (ideally unit test) needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cowtowncoder @pjfanning @DylanTheDeveloper