ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 #377

glassfishrobot · 2017-11-24T13:35:57Z

When creating the delegating class loader:

      DelegatingClassLoader initDelegatingLoader;
        synchronized (superClassToDelegator) {
            initDelegatingLoader = superClassToDelegator.get(loader);
            if (initDelegatingLoader == null) {
                initDelegatingLoader = AccessController.doPrivileged(new PrivilegedAction<DelegatingClassLoader>() {

                    @Override
                    public DelegatingClassLoader run() {
                        return new DelegatingClassLoader(
                                loader,
                                ProxyFactory.class.getClassLoader(),
                                ProxyCtl.class.getClassLoader());
                    }
                    
                });
                
                superClassToDelegator.put(loader, initDelegatingLoader);
            }
        }

The ordering of the class loaders means that the Proxy.newProxy call will fail when it tries to reload the interfaces from loader with the following message "org.glassfish.hk2.api.ProxyCtl is not visible from class loader" even though it is available.

If you alter the order of the class loaders then this problem goes away because the local class loader is prioritised.

        DelegatingClassLoader initDelegatingLoader;
        synchronized (superClassToDelegator) {
            initDelegatingLoader = superClassToDelegator.get(loader);
            if (initDelegatingLoader == null) {
                initDelegatingLoader = AccessController.doPrivileged(new PrivilegedAction<DelegatingClassLoader>() {

                    @Override
                    public DelegatingClassLoader run() {
                        return new DelegatingClassLoader(
                                ProxyFactory.class.getClassLoader(),
                                ProxyCtl.class.getClassLoader(),
                                loader);
                    }

                });

                superClassToDelegator.put(loader, initDelegatingLoader);
            }
        }

This was seen when trying to shoehorn Jersey 2.21.1 into WLS 12.1.2 and the classes was using @context to inject HttpServletRequest. In this case HttpServletRequest came from the root class loader for the server but we have a different version of hk2 in the root class loader and the .war class loader. FYI my weblogic.xml looked like this, I can provide more details if you need a more complete test case.

<?xml version="1.0" encoding="UTF-8"?>
<weblogic-web-app xmlns="http://xmlns.oracle.com/weblogic/weblogic-web-app"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd http://xmlns.oracle.com/weblogic/weblogic-web-app http://xmlns.oracle.com/weblogic/weblogic-web-app/1.2/weblogic-web-app.xsd">
    <context-root/>
    <!-- Use built version to say deploy change  <library-ref>
        <library-name>jax-rs</library-name>
        <specification-version>2.0</specification-version>
        <exact-match>false</exact-match>
      </library-ref> -->

    <container-descriptor>
        <prefer-application-packages>
            <!-- apis -->
            <package-name>javax.ws.rs.*</package-name>
            <package-name>javax.validation.*</package-name>

            <!-- guava -->
            <package-name>com.google.common.*</package-name>

            <!-- A hibernate validation provider -->
            <package-name>org.hibernate.validator.*</package-name>

            <!-- jersey providers -->
            <package-name>com.sun.jersey.*</package-name>
            <package-name>org.glassfish.jersey.*</package-name>
            <package-name>jersey.repackaged.*</package-name>

            <!-- hk2 -->
            <package-name>org.jvnet.hk2.*</package-name>
            <package-name>org.jvnet.hk2.tiger_types.*</package-name>
            <package-name>org.glassfish.hk2.*</package-name>

            <package-name>javassist.*</package-name>

            <!-- media providers -->
            <package-name>org.eclipse.persistence.jaxb.rs.*</package-name>
            <package-name>org.codehaus.jackson.jaxrs.*</package-name>

            <!-- wls -->
            <package-name>weblogic.jaxrs.api.client.*</package-name>
            <package-name>weblogic.jaxrs.internal.api.client.*</package-name>
            <package-name>weblogic.jaxrs.dispatch.*</package-name>
            <package-name>weblogic.jaxrs.monitoring.util.*</package-name>
        </prefer-application-packages>
        <prefer-application-resources>
            <resource-name>META-INF/services/javax.validation.spi.ValidationProvider</resource-name>
        </prefer-application-resources>

    </container-descriptor>


    <!--
    XXXXXX redacted
  -->
    <session-descriptor>
        <cookie-secure>true</cookie-secure>
        <url-rewriting-enabled>false</url-rewriting-enabled>
    </session-descriptor>
</weblogic-web-app>

glassfishrobot · 2018-08-30T10:03:29Z

Issue Imported From: ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 javaee/hk2#376
Original Issue Raised By:@kingsfleet
Original Issue Assigned To: Unassigned

glassfishrobot mentioned this issue Aug 30, 2018

ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 javaee/hk2#376

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 #377

ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 #377

glassfishrobot commented Nov 24, 2017

glassfishrobot commented Aug 30, 2018

ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 #377

ProxyUtililites.secureCreate fails if App class loader containers a different version of hk2 #377

Comments

glassfishrobot commented Nov 24, 2017

glassfishrobot commented Aug 30, 2018