Closed noloader closed 2 years ago
The changes result in success when running the self tests:
[INFO] Results:
[INFO]
[INFO] Tests run: 4274, Failures: 0, Errors: 0, Skipped: 0
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 32.574 s
[INFO] Finished at: 2022-07-19T15:18:22-04:00
[INFO] ------------------------------------------------------------------------
Did they change the JDK at some point where you can o longer invoke a deprecated method via reflection? Seems so. Anyone know what version that would be in. Have to believe there's some magic workaround documented somewhere, such as setting a System property "-DYes.I.Really.Want.To.Call.Deprecated.Methods=true". 😁
-kevin
On Tue, Jul 19, 2022, 3:19 PM Jeffrey Walton @.***> wrote:
The changes result in success when running the self tests:
[INFO] Results: [INFO] [INFO] Tests run: 4274, Failures: 0, Errors: 0, Skipped: 0 [INFO] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 32.574 s [INFO] Finished at: 2022-07-19T15:18:22-04:00 [INFO] ------------------------------------------------------------------------
— Reply to this email directly, view it on GitHub https://github.com/ESAPI/esapi-java-legacy/pull/728#issuecomment-1189462791, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAO6PG6OHTDJFZCLAAW5AU3VU35TPANCNFSM54BBVKGQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Did they change the JDK at some point where you can no longer invoke a deprecated method via reflection?
Not sure. This might also be related to ReferenceEncryptedProperties.java
. When I search for "This method has been removed for security", it lands in ReferenceEncryptedProperties.java
:
$ grep -IR 'This method has been removed for security'
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java: throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java: throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java: throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java: throw new UnsupportedOperationException("This method has been removed for security.");
src/main/java/org/owasp/esapi/reference/crypto/ReferenceEncryptedProperties.java: throw new UnsupportedOperationException("This method has been removed for security.");
In case it is related to my environment:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
$ java -version
openjdk version "11.0.15" 2022-04-19
OpenJDK Runtime Environment (build 11.0.15+10-Ubuntu-0ubuntu0.20.04.1)
OpenJDK 64-Bit Server VM (build 11.0.15+10-Ubuntu-0ubuntu0.20.04.1, mixed mode, sharing)
Closing. This is the wrong approach.
Several of ReferenceEncryptedProperties's methods were deprecated and now throw an UnsupportedOperation exception. This commit comments out the offending code and prints a message alerting to the removal.