But when I create object using “jsoup = createObject(“java”, “org.jsoup.Jsoup”, “org.jsoup”, “1.9.2”);”
I can’t use another library version using “jsoup = createObject(“java”, “org.jsoup.Jsoup”, “org.jsoup”, “1.15.3”);” Lucee create instance of “1.9.2” version
What I’m doing wrong?
Don’t forget to tell us about your stack!
OS: Windows Server 2012 Java Version: 1.8.0_131 Lucee Version: 5.3.9.160 and others
Even if I delete the 1.9.2 jar it still returns that version.
I also tried switching to the newer version programmatically but it made no difference.
So it seems that once a bundle has been loaded as the first instance with that name, it can only be replaced via a restart. Not the fully dynamic java loading I thought we had these days.
@Vintic Presumably you don’t actually need to call both versions of jsoup? As I say v1.9.2 is very old and there’s been at least one CVE meaning you should be using the latest version only.
Assuming that’s the case, then the solution for now would be to remove the 1.9.2 jar from the /bundles folder, replace it with 1.15.3 and then restart Lucee, after which your CreateObject() calls should return the current version.
I put together a test case for a ticket by creating a simple dummy osgi bundle from scratch in 2 different versions, but couldn’t replicate the issue: I was able to switch between the loaded versions using CreateObject() as per the docs.
Which is a relief.
I guess it’s something specific to jSoup, but we are using it in production, loaded via osgi, and not having any problems.