5 Replies Latest reply on Feb 16, 2018 9:26 AM by ehodges

    VFS problem with WildFly 11 and Java 9

    ehodges

      I'm running WildFly 11 on Java 9.  Code in my EAR is trying to create an instance of a BouncyCastle cipher.  This code works correctly on Java 9 outside WildFly, and it works in WildFly 11 running on Java 8, but not on Java 9.

       

      The underlying problem is that javax.crypto.JceSecurity.verifyProvider() tries to read the BouncyCastle JAR (bcprov-jdk15on-159.jar), but java.util.zip.ZipFile's constructor throws this exception:

       

      java.util.zip.ZipException: zip file is empty

       

      I think this has something to do with VFS, based on the URL for the BouncyCastle jar in the SecurityException that wraps the ZipException:

       

      java.lang.SecurityException: Cannot verify jar:vfs:/C:/Installs/wildfly-11.0.0.Final/bin/content/MyEAR.ear/bcprov-jdk15on-159.jar!/

       

      I've searched for similar issues and see several that are 5 or 6 years old, but I've never found a solution.

       

      Any ideas?

       

      ----

       

      ETA:

       

      I think I see why it is failing.

       

      sun.net.www.protocol.jar.URLJarFile tries to copy the org.jboss.vfs.VirtualJarInputStream to a temporary file by calling VirtualJarInputStream.read() before getting an entry.  VirtualJarInputStream defaults its currentEntryStream to VFSUtils.EMPTY_STREAM (which always returns -1 from its read method).  So the BouncyCastle JAR isn't copied to the temp file and Java Security can't verify it.