We are updating our applications from JavaEE 7 (JDK 1.8, TomEE-7.1.X) to JakartaEE 9.1 (JDK 11, TomEE-9.1.X).
As we ran into problems with cxf-3.5 being used in TomEE 9.1.0 we tried to update to a more recent version of TomEE (9.1.1/9.1.2) because starting from 9.1.1 cxf-4.0.3 is used which resolves some problems for us.
Using version 9.1.1+ we are not able to deploy our web applications any more because one specific @inject results in an UnsatisfiedResolutionException. If I remove the inject on the 3 beans using it, everything works fine. OpenWebBeans is used as CDI implementation in the same version for all 3 mentioned TomEE 9.1.X versions.
Seeing the code and checking the CDI documentaiton I don't see any reason why this happens. Please let me know if I missed something or you have an idea how to solve this issue.
Context: The @ApplicationScoped bean is used to do all communication with our IAM server as a single point of contact.
Message in console
INFORMATION: Deployment of web application directory [C:\dev\srv\apache-tomee-plus-9.1.2\SheepWeb-local\webapps\manager] has finished in [2.120] ms
Feb. 01, 2024 2:30:09 NACHM. org.apache.openejb.cdi.OpenEJBLifecycle startApplication
SCHWERWIEGEND: CDI Beans module deployment failed
org.apache.webbeans.exception.WebBeansDeploymentException: jakarta.enterprise.inject.UnsatisfiedResolutionException: Api type [ch.qual.base.web.auth.oic.OpenIDConnectService] is not found with the qualifiers
Qualifiers: [@jakarta.enterprise.inject.Default()]
for injection into Field Injection Point, field name : openIDConnectService, Bean Owner : [Authentication, WebBeansType:MANAGED, Name:Auth_m, API Types:[java.lang.Object,ch.qual.base.web.auth.beans.Authentication,java.io.Serializable], Qualifiers:[jakarta.enterprise.inject.Default,jakarta.enterprise.inject.Any,jakarta.inject.Named]]
Interface
package ch.qual.base.web.auth.oic;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import java.net.URL;
import java.util.Locale;
public interface OpenIDConnectService {
boolean iamEnabled();
String createAuthenticationURL( Integer clientIndex, String redirectURL, Locale userLocale);
AuthenticationInfo registerUser( Integer clientIndex, AuthenticationInfo authenticationInfo, String accessCode);
//more methods present
}
Implementation
package ch.qual.base.web.auth.oic;
imports...
@ApplicationScoped
public class QOpenIDConnectServiceImpl implements OpenIDConnectService, Serializable {
private static final long serialVersionUID = -3637502198182884565L;
private static final Logger log = LoggerFactory.getLogger(QOpenIDConnectServiceImpl.class);
//a lot of other private static final Strings removed
private static final String URLPATH_AUTHSERVER_REALM_BASE = "auth/realms/";
private static final String URLPATH_AUTHSERVER_ADMIN_BASE = "auth/admin/";
@Inject
private SecurityModuleConfiguration securityModuleConfiguration;
@Inject
private ClientConfig clientConfig;
private boolean iamInitialized = false;
private String serverURL;
private HashMap<Integer, AuthenticationRealmConfiguration> realmStore;
// ***** init and destruct *****
@PostConstruct
public void init() {
//load information from IAM server
}
...
}
beans.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="https://jakarta.ee/xml/ns/jakartaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/beans_3_0.xsd"
bean-discovery-mode="all" version="3.0">
</beans>
Thank you for helping out, kind regards.
I could solve this issue by a lot of debugging combined with a try and error approach. The project now runs on Tomee 9.1.2 without problems, but I do not understand the problem I encountered. Let me show you the solution.
Our application wasn't able to start because the implementation of OpenIDConnectService was required in the startup. After creating a new plain implementation without any logic (which was found by CDI) I removed code after code to find the source of problem. It was CXF.
Solution:
In QOpenIDConnectServiceImpl I removed every import coming from CXF (WebClient, IOUtils, cxf.jaxrs.json.*) and replaced them with httpcomponents.client5 and jakarta.json.* and I changed the code to make use of the new libs. This solved my problem.
But I still don't understand why CDI was able to find QOpenIDConnectServiceImpl using cxf-shade 9.1.0 (cxf-3.5) and not with cxf-4.0.3 (no more shade).
Kind regards