Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-5289

wildfly-elytron-integration: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major Major
    • None
    • 14.0.0.Final, 14.0.1.Final
    • Security
    • None
    • Hide

      How Reproducible:

      Always

      Steps To Reproduce:

      1. Clone the Keycloak repository with WIP upgrade to Wildfly 22 change:
        $ git clone -b KEYCLOAK-16724 git@github.com:iankko/keycloak.git
        
      2. Build the Keycloak distribution:
        $ mvn clean install -B -DskipTests -Pdistribution
        
      3. Build the Keycloak testsuite:
        $ mvn clean install -B -Pauth-server-wildfly -DskipTests -f testsuite/pom.xml
        
      4. Run the org.keycloak.test.config.migration.ConfigMigrationTest test:
        $ mvn clean install -f testsuite/integration-arquillian/tests/other/server-config-migration/pom.xml
        

      Current Result:
      org.keycloak.test.config.migration.ConfigMigrationTest fails with:

      ...
      [ERROR] Tests run: 3, Failures: 1, Errors: 2, Skipped: 0, Time elapsed: 0.275 s <<< FAILURE! - in org.keycloak.test.config.migration.ConfigMigrationTest
      [ERROR] testStandalone(org.keycloak.test.config.migration.ConfigMigrationTest)  Time elapsed: 0.03 s  <<< ERROR!
      java.io.IOException: org.jboss.dmr.stream.ModelException: Unexpected character 'W' while reading DMR stream
      	at org.jboss.dmr.ModelNode.fromStream(ModelNode.java:1753)
      	at org.keycloak.test.config.migration.ConfigMigrationTest.compareConfigs(ConfigMigrationTest.java:85)
      	at org.keycloak.test.config.migration.ConfigMigrationTest.testStandalone(ConfigMigrationTest.java:55)
      	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
      	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
      	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
      	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)
      	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
      	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)
      	at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
      	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)
      	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
      	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63)
      	at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331)
      	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79)
      	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329)
      	at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66)
      	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293)
      	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)
      	at org.junit.runners.ParentRunner.run(ParentRunner.java:413)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
      	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:384)
      	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:345)
      	at org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:126)
      	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:418)
      Caused by: org.jboss.dmr.stream.ModelException: Unexpected character 'W' while reading DMR stream
      	at org.jboss.dmr.stream.ModelGrammarAnalyzer.newModelException(ModelGrammarAnalyzer.java:363)
      	at org.jboss.dmr.stream.ModelReaderImpl.newModelException(ModelReaderImpl.java:861)
      	at org.jboss.dmr.stream.ModelReaderImpl.next(ModelReaderImpl.java:615)
      	at org.jboss.dmr.ModelNodeFactory.readFrom(ModelNodeFactory.java:86)
      	at org.jboss.dmr.ModelNodeFactory.readFrom(ModelNodeFactory.java:77)
      	at org.jboss.dmr.ModelNode.fromStream(ModelNode.java:1751)
      	... 30 more
      ...
      

      and inspecting the issue further shows selected files contain the aforementioned warning:

      [iankko@localhost keycloak]$ grep 'WARNING:' testsuite/integration-arquillian/tests/other/server-config-migration/target/*.txt
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: An illegal reflective access operation has occurred
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/tmp/reproducer/keycloak/testsuite/integration-arquillian/tests/other/server-config-migration/target/keycloak-13.0.0-SNAPSHOT/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: All illegal access operations will be denied in a future release
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: An illegal reflective access operation has occurred
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/tmp/reproducer/keycloak/testsuite/integration-arquillian/tests/other/server-config-migration/target/keycloak-13.0.0-SNAPSHOT/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
      testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: All illegal access operations will be denied in a future release
      

      Expected Result:
      Aforementioned test passes without issues.

      Note: See also https://issues.redhat.com/browse/KEYCLOAK-17156 for further details if necessary.

      Show
      How Reproducible: Always Steps To Reproduce: Clone the Keycloak repository with WIP upgrade to Wildfly 22 change: $ git clone -b KEYCLOAK-16724 git@github.com:iankko/keycloak.git Build the Keycloak distribution: $ mvn clean install -B -DskipTests -Pdistribution Build the Keycloak testsuite: $ mvn clean install -B -Pauth-server-wildfly -DskipTests -f testsuite/pom.xml Run the org.keycloak.test.config.migration.ConfigMigrationTest test: $ mvn clean install -f testsuite/integration-arquillian/tests/other/server-config-migration/pom.xml Current Result: org.keycloak.test.config.migration.ConfigMigrationTest fails with: ... [ERROR] Tests run: 3, Failures: 1, Errors: 2, Skipped: 0, Time elapsed: 0.275 s <<< FAILURE! - in org.keycloak.test.config.migration.ConfigMigrationTest [ERROR] testStandalone(org.keycloak.test.config.migration.ConfigMigrationTest) Time elapsed: 0.03 s <<< ERROR! java.io.IOException: org.jboss.dmr.stream.ModelException: Unexpected character 'W' while reading DMR stream at org.jboss.dmr.ModelNode.fromStream(ModelNode.java:1753) at org.keycloak.test.config.migration.ConfigMigrationTest.compareConfigs(ConfigMigrationTest.java:85) at org.keycloak.test.config.migration.ConfigMigrationTest.testStandalone(ConfigMigrationTest.java:55) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306) at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63) at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329) at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293) at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306) at org.junit.runners.ParentRunner.run(ParentRunner.java:413) at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365) at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273) at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238) at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159) at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:384) at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:345) at org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:126) at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:418) Caused by: org.jboss.dmr.stream.ModelException: Unexpected character 'W' while reading DMR stream at org.jboss.dmr.stream.ModelGrammarAnalyzer.newModelException(ModelGrammarAnalyzer.java:363) at org.jboss.dmr.stream.ModelReaderImpl.newModelException(ModelReaderImpl.java:861) at org.jboss.dmr.stream.ModelReaderImpl.next(ModelReaderImpl.java:615) at org.jboss.dmr.ModelNodeFactory.readFrom(ModelNodeFactory.java:86) at org.jboss.dmr.ModelNodeFactory.readFrom(ModelNodeFactory.java:77) at org.jboss.dmr.ModelNode.fromStream(ModelNode.java:1751) ... 30 more ... and inspecting the issue further shows selected files contain the aforementioned warning: [iankko@localhost keycloak]$ grep 'WARNING:' testsuite/integration-arquillian/tests/other/server-config-migration/target/*.txt testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: An illegal reflective access operation has occurred testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/tmp/reproducer/keycloak/testsuite/integration-arquillian/tests/other/server-config-migration/target/keycloak-13.0.0-SNAPSHOT/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS() testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone-ha.txt:WARNING: All illegal access operations will be denied in a future release testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: An illegal reflective access operation has occurred testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/tmp/reproducer/keycloak/testsuite/integration-arquillian/tests/other/server-config-migration/target/keycloak-13.0.0-SNAPSHOT/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS() testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations testsuite/integration-arquillian/tests/other/server-config-migration/target/master-standalone.txt:WARNING: All illegal access operations will be denied in a future release Expected Result: Aforementioned test passes without issues. Note: See also https://issues.redhat.com/browse/KEYCLOAK-17156 for further details if necessary.
    • Migration, Compatibility/Configuration, User Experience
    • Undefined

      The following warning started to appear after upgrading Keycloak to Wildfly Core 14.0.0.Beta4 / Elytron 1.14.0.Final and is present also with Wildfly Core 14.0.1.Final / Elytron 1.14.1.Final (intentionally listing version of both components, because not sure ATM if the source of the warning are updates of Wildfly Core, or rather updates of Elytron):
       

      WARNING: An illegal reflective access operation has occurred
      WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/keycloak-git-clone-home/keycloak/testsuite/integration-arquillian/tests/other/server-config-migration/target/keycloak-13.0.0-SNAPSHOT/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
      WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
      WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
      WARNING: All illegal access operations will be denied in a future release
      
      

      Note: The issue / warning wasn't present in Wildfly Core 13.0.3.Final / Elytron 1.13.1.Final version(s) yet.

              darran.lofthouse@redhat.com Darran Lofthouse
              rhn-jlieskov Ján Lieskovský (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: