When spring-boot-devtools dependency is used in a project (used by default in Vaadin generated projects) then the automatic restart functionality is used which uses the RestartClassLoader. Entries on the classpath that changes are loaded into the restart classloader by default and entries that do not change (for example, those from third-party jars) are loaded into a base AppClassLoader.
When running the V24 demo application from the AppSec Kit project, some backend classes are loaded into the ReastartClassLoader because in development environment these are considered as changeable. This causes issues in the singleton AppSecService class.
Using the spring-devtools.properties in the V24 demo application we can exclude these classes from ReastartClassLoader and to be loaded into the base AppClassLoader instead.
If AppSec Kit is used as a dependency in a project then all its classes are loaded into the base AppClassLoader because in this case AppSec Kit is a third-party dependency and not changeable.
When
spring-boot-devtoolsdependency is used in a project (used by default in Vaadin generated projects) then the automatic restart functionality is used which uses theRestartClassLoader. Entries on the classpath that changes are loaded into the restart classloader by default and entries that do not change (for example, those from third-party jars) are loaded into a baseAppClassLoader.When running the V24 demo application from the AppSec Kit project, some backend classes are loaded into the
ReastartClassLoaderbecause in development environment these are considered as changeable. This causes issues in the singletonAppSecServiceclass.Using the
spring-devtools.propertiesin the V24 demo application we can exclude these classes fromReastartClassLoaderand to be loaded into the baseAppClassLoaderinstead.If AppSec Kit is used as a dependency in a project then all its classes are loaded into the base
AppClassLoaderbecause in this case AppSec Kit is a third-party dependency and not changeable.