Illegal Access Warning

[lkaupp]

Hi,
thank you much for this great extension, i got this warning, what to do about that?

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.bol.util.JCEPolicy (file:/~/.m2/repository/com/bol/spring-data-mongodb-encrypt/2.2/spring-data-mongodb-encrypt-2.2.jar) to field javax.crypto.JceSecurity.isRestricted
WARNING: Please consider reporting this to the maintainers of com.bol.util.JCEPolicy
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release

I am using Spring Boot with version: v2.1.2.RELEASE

[pzn]

Hey,

Also using this nice library,

It's because of https://github.com/bolcom/spring-data-mongodb-encrypt/blob/a9d5ee0dfc5d84dda0dac99a8922982de739b647/src/main/java/com/bol/util/JCEPolicy.java#L32

As stated in the javadoc, https://github.com/bolcom/spring-data-mongodb-encrypt/blob/a9d5ee0dfc5d84dda0dac99a8922982de739b647/src/main/java/com/bol/util/JCEPolicy.java#L13, the hack is not required anymore... starting from specific JDK builds!

I guess the lib wants to be compatible with versions prior to the fix.

A good enough fix to avoid such error message (which is even bigger with a stacktrace using Java 12), would be to check the java runtime version before performing the hack... which would be kinda cumbersome though.

Otherwise, get rid of the hack and bump the version of the lib...

Food for thoughts.

[agoston]

Correct, java 8u152 enabled strong encryptions in JCEPolicy, so this hack is no longer needed, that's exactly why it's enclosed in a try-catch.
I haven't tried this lib on java above java8 yet, so I suppose you can encounter weird behavior and warnings. I'll keep this issue open and do some testing on java11-12 when I have the time (or anyone else is also welcome!)

[lkaupp]

Well tested your lib with openjdk11 and at the moment there are no major issues.

[agoston]

Thank you. I am considering adding a java version check and only do the JCEPolicy hack on java <= 8u152, as this hack is bound to produce JVM warnings and errors.

[mrk992]

Hello! Is this warn still open?
I have a exception:
15-10-2019 15:18:54 [main] INFO com.bol.crypt.CryptVault - Exception caught while trying to open JCE via reflection java.lang.NoSuchFieldException: modifiers
And i think that is the same. I am using the JDK version 1.8
Thank you!

[agoston]

Yes, I'm planning to add a java version check before this one, but it's relatively low priority as this is merely cosmetic - apart from that log line, everything works as normal.

[mrk992]

ok ok, i will try to solve, if i have time!

[agoston]

Fixed in 2.3.1.

[mrk992]

Thank you!

[AnanyaAnandh]

Hello! Is this warn still open?
I have a exception:
15-10-2019 15:18:54 [main] INFO com.bol.crypt.CryptVault - Exception caught while trying to open JCE via reflection java.lang.NoSuchFieldException: modifiers
And i think that is the same. I am using the JDK version 1.8
Thank you!

I am facing the same issue as you, while migrating to JDK15 . The current spring-data-mongodb-encrypt version in my application is 1.3.0. could you please let me know how you resolved this issue

[agoston]

It is not an issue. For older versions of java8, the encryption API was not fully open out of the box, and a hack needed to be applied. This error message simply states this hack didn't work. spring-data-mongodb-encrypt would continue to work on a non-outdated JDK/JVM without issues, since this hack is not needed there.

As in, you can safely ignore this warning.