Skip to Main Content

Application Development Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

appc error when compiling jsps

James ArmstrongOct 17 2024 — edited Oct 31 2024

Hi ,

I am running mvn clean install where appc has been added via weblogic-maven-plugin to the package phase.

In compiling the jsps in the 12.2.1.4-0 env, i.e. using 12cR2, I am getting the error attached.

here is the first couple of lines of the error message:

weblogic.utils.compiler.ToolFailureException:

There are 1 nested errors:

weblogic.ejb.container.compliance.ComplianceException: The AroundInvoke method can not be final, hence the interceptor class org.glassfish.jersey.ext.cdi1x.transaction.internal.WebAppExceptionInterceptor can not be final, too.

What I have come to understand from the error is:

This is a CDI error where CDI annotation AroundInvoke has been placed around a method in WebAppExceptionInterceptor where WebAppExceptionInterceptor is a final class. CDI works by producing a dynamic proxy and therefore WebAppExceptionInterceptor can not be final.

My thoughts are that I am using the wrong version of

org.glassfish.jersey.ext.cdi1x.transaction.internal.WebAppExceptionInterceptor

i.e., I need to use the version that is not final OR

I need to find the version where CDI has not been introduced yet.

I tried to figure out which versions of jersey did not have CDI. Apparently 2.14 was the last version that did not have CDI.

I added this to my pom and unfortunately this had no impact.

Any suggestions would be appreciated.


So, more information (digging):

Here is the AroundInvoke javadoc:

javax.interceptor

Annotation Type AroundInvoke

Defines an interceptor method that interposes on business methods. The method must take a single parameter of type InvocationContext and have a return type Object. The method must not be declared as abstract, final, or static.

Note that the javadoc says that AroundInvoke can not be used in final method. But a method in a final class is implicitly final.

So here is the source for the interceptor class above:

ext/cdi/jersey-cdi1x-transaction/src/main/java/org/glassfish/jersey/ext/cdi1x/transaction/internal/WebAppExceptionInterceptor.java:

package org.glassfish.jersey.ext.cdi1x.transaction.internal;

import java.io.Serializable;

import javax.ws.rs.WebApplicationException;

import javax.annotation.Priority;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import javax.transaction.Transactional;

import org.glassfish.jersey.ext.cdi1x.internal.JerseyVetoed;

/**
* Transactional interceptor to help retain {@link WebApplicationException}
* thrown by transactional beans.
*
* @author Jakub Podlesak
*/
@Priority(value = Interceptor.Priority.PLATFORM_BEFORE + 199)
@Interceptor
@Transactional
@JerseyVetoed
public final class WebAppExceptionInterceptor implements Serializable {

private static final long serialVersionUID = -1L;

@Inject
@TransactionalExceptionInterceptorProvider.WaeQualifier
private WebAppExceptionHolder store;

@AroundInvoke
public Object intercept(final InvocationContext ic) throws Exception {
try {
return ic.proceed();
} catch (final WebApplicationException wae) {
if (store != null) {
store.setException(wae);
}
throw wae;
}
}
}

Seems like AroundInvoke is used in a “final” class which is causing the error.

So, this code is used in the 12cR2 distribution. It apparently is in error?

What am missing? Is there a patch?

I don't know how this ever worked with appc.

Thanks,

James

supportTicketError.txt

Comments

thatJeffSmith-Oracle Feb 13 2025

Your ENTRA users will get authenticated via JSON Web Tokens, and their Entra roles will determine which ORDS REST APIs they can hit.

When they hit an endpoint, it'll execute code in the database as the database user that owns the schema where the REST API is defined, not as Entra defiend end user. In fact, the Entra users won't have accounts in the database (they could, but wont' need to).

The :current_user field as far as ords is concerned would be the corresponding oauth2 client or JWT issued for the authorizied session.

Your prehook should be able to alter the session to set the context that would put your RLS/VPD security policy in play.

1 - 1

Post Details

Added on Oct 17 2024
0 comments
151 views