Thanks, Mandy. I was beginning to think my followup question might have gotten lost and I was considering a new post.
I'm unable to get --illegal-access=permits to work for our webstart app by setting it in the Java Control Panel with the 9+181 build. It appears webstart crashes when I do this. I tried enabling tracing & logging from the Java Control Panel "Advanced" tab, but couldn't find anything left behind. Setting a long list of --add-exports in the Java Control Panel *does* work for our webstart app with the 9+181 build. However, I don't believe this is going to work for our customer who has 1000's of geographically distributed users. We have next to zero control over how/when system administrators perform the java installations. Likewise, asking all those users to manually add the options themselves is too much to ask of them. I predict many complaints and calls to our help desk that our app doesn't work with Java 9. Any chance of adding a more webstart-friendly "JEP260 last resort" for Java 9 ? Our vendors need more time to remove dependencies from their libraries. I'm concerned that as we proceed in testing our app with Java 9 that the list of JEP260-override options will grow. For example, the --add-opens was added due to an illegal setAccessible(true) reflection call. BTW: I had a slightly longer than necessary list of java-vm-args in my original email in this thread. After correcting that issue, I am now able to launch our webstart app without editing the Java Control Panel as we are just under the java command line arg limit. So maybe we'll get lucky and further testing won't find any new JEP260-override options that are needed. Knock on wood. -- Tom On Mon, Aug 21, 2017 at 3:50 PM, mandy chung <mandy.ch...@oracle.com> wrote: > > > On 8/16/17 2:14 PM, Tom Hood wrote: > >> Thanks Richard. Sorry I didn't see your post before hitting send. >> >> So does this mean there is no workaround for a webstart app that requires >> a >> lot of the --add-export options? >> > > The only workaround I can think of is to set in Java Control Panel with > `--add-exports` or `--illegal-access=permits` options. > > The long term solution is to request the library maintainer to eliminate > their dependency on JDK internal APIs. > > Mandy > >> On Wed, Aug 16, 2017 at 2:12 PM, Tom Hood <tom.w.h...@gmail.com> wrote: >> >> I found Alan's video <https://www.youtube.com/watch?v=eU8hCCjGSbE> (time: >>> about 27:35) that goes with the slides pdf link and he mentions the >>> Add-Exports line need to go in the manifest of the jar with the >>> Main-Class. I just now tried that and it still didn't take effect. I'm >>> still getting the same error: >>> >>> java.lang.IllegalAccessError: class com.sun.media.imageioimpl.plug >>> ins.pnm.PNMImageWriter >>> (in unamed module @0x52a256fc) cannot access class >>> sun.security.action.GetPropertyAction >>> (in module java.base) because module java.base does not export >>> sun.security.action to unnamed module @0x52a256fc >>> at com.sun.media.imageioimpl.plugins.pnm.PNMImageWriter.< >>> init>[PNMImageWriter.java:85] >>> >>> The META-INF/MANIFEST.MF looks like this: >>> >>> Manifest-Version: 1.0 >>> Trusted-Library: true >>> Application-Library-Allowable-Codebase: * >>> Application-Name: TheName >>> Permissions: all-permissions >>> *Add-Exports: java.base/sun.security.action* >>> >>> Created-By: 1.6.0_24 (Sun Microsystems Inc.) >>> Caller-Allowable-Codebase: * >>> Main-Class: path.to.TheMainClass >>> Codebase: * >>> >>> Name: path/to/a/file.class >>> SHA1-Digest: thedigest >>> >>> (many more such class+digest pairs) >>> >>> Should this work or am I using it incorrectly? >>> >>> Thanks, >>> -- Tom >>> >>> On Wed, Aug 16, 2017 at 1:30 PM, Tom Hood <tom.w.h...@gmail.com> wrote: >>> >>> Hi, >>>> >>>> I need a little help understanding the difference between "Add-Exports:" >>>> in a jar's manifest vs. the command line arg --add-exports. I can get >>>> --add-exports to work, but not Add-Exports. >>>> >>>> JDK Version: 9 build 181 windows 64 >>>> >>>> Slide 23 of http://openjdk.java.net/projec >>>> ts/jigsaw/talks/prepare-for-jd >>>> k9-j1-2016.pdf seems to suggest Add-Exports in the manifest as an >>>> alternative to --add-exports >>>> >>>> Our webstart-launched app requires a long list of --add-module and/or >>>> --add-exports command line options. The list is long enough that it >>>> exceeds a limit on number of args and webstart fails to launch the app >>>> with >>>> the popup "too many args to run". >>>> >>>> Specifically, I was trying to allow jai_imageio.jar (1.0_01) to access >>>> java.base/sun.security.action by adding --add-exports=java.base/sun.se >>>> curity.action=ALL-UNNAMED >>>> to the java-vm-args in the jnlp. However, that one additional arg >>>> pushed >>>> it over the edge and exceeded the limit. >>>> >>>> This is the full j2se element in our jnlp: >>>> >>>> <j2se version="1.9+" initial-heap-size="32m" max-heap-size="3072m" >>>> java-vm-args="--add-modules=java.corba --add-exports >>>> java.desktop/com.sun.java.swing.plaf.windows=ALL-UNNAMED --add-exports >>>> java.desktop/sun.swing=ALL-UNNAMED --add-exports >>>> java.desktop/sun.awt=ALL-UNNAMED --add-exports >>>> java.desktop/sun.awt.image=ALL-UNNAMED --add-exports >>>> java.desktop/sun.awt.windows=ALL-UNNAMED --add-exports >>>> java.desktop/sun.awt.shell=ALL-UNNAMED --add-exports >>>> java.desktop/sun.awt.dnd=ALL-UNNAMED --add-exports >>>> java.base/sun.security.action=ALL-UNNAMED --add-exports=java.base/ >>>> sun.se >>>> curity.action=ALL-UNNAMED"/> >>>> >>>> I then removed the last --add-exports to keep under the arg limit and >>>> instead added an Add-Exports line to the jai_imageio.jar >>>> META-INF/MANIFEST.MF >>>> >>>> Add-Exports: java.base/sun.security.action >>>> >>>> That doesn't appear to be taking affect. Am I using it incorrectly? >>>> >>>> Thanks, >>>> -- Tom >>>> >>>> >>>> >
