> On Sep 21, 2016, at 4:26 PM, Bill Shannon <bill.shannon_at_oracle.com> wrote:
>
> Jason Greene wrote on 09/21/16 02:22 PM:
>> Hi Bill,
>>
>> I agree that bundled modules should be implicitly added in legacy mode
>> (classpath execution).
>
> Have you already given this feedback to the Jigsaw team?
I haven’t; I wasn’t aware of this specific issue. I do agree it’s a problem.
>
>> As a general note, in our opinion, there are a number of issues with the
>> current jigsaw implementation that, if not satisfactorily resolved, will
>> prevent it from meeting the needs of dynamic systems such as Java EE and
>> OSGi, which puts at risk our goal of a modular EE9. Additionally there are
>> interoperability issues that will make it difficult for frameworks to support
>> modular and non-modular code.
>>
>> For those not familiar, a number of the problems that have been raised are
>> located here: http://openjdk.java.net/projects/jigsaw/spec/issues/
>>
>> A few of these have proposals are under active discussion on jigsaw-dev.
>
> Yes, I'm just starting to get up to speed on these issues.
> If there are ones that you think are particularly important
> to the Java EE community, please feel free to highlight them
> here. Perhaps others can help find satisfactory resolutions.
Ok good to know. I’ll put together a list.
In the meantime, one of the issues with proposals under active discussion that is particularly important is:
http://openjdk.java.net/projects/jigsaw/spec/issues/#ReflectiveAccessToNonExportedTypes
In short, jigsaw does additional security checks beyond a security manager (whether running or not), and disallows reflective access to non-exported packages (setAccessible isn’t sufficient). This is a major problem for any IoC/injection framework like JPA, CDI, EJB, Spring etc, as well as serialization frameworks.
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat