[Looking for Charlie's main web site?]

On ColdFusion and its support for Java 9, 10, and 11

Wondering about CF support for Java 9, 10, or 11, here in 2018 (with respect to CF 2018, CF 2016, CF 11, or earlier)? Did you know that Java 9 and Java 10 each have only 6-month lives? Seriously. And did you know that Java 9 is already no longer updated, while Java 8 still is (into next year), and that Java 11 is due to come out in September 2018? It can be quite confusing if you've not been paying attention to Oracle's new release model.

What does all this mean for Adobe and CF, and CF users? What versions of CF do, do not, and/or may support these various recent Java versions? The good news is that CF 2018 will come out running (and the second public beta does come running) on Java 10 (no word yet on Java 11). But what about other recent CF versions?

Read on for more.

(And while I am writing this in mid-2018, I will come back and update the links and info about CF2018, as it's released, and the JVM versions, as things change over time.)

[....Continue Reading....]

FusionReactor, how do I love thee? Let me count the ways (a new blog series)

Many will know that I'm a huge fan of FusionReactor, the monitoring tool (and more) for ColdFusion, Lucee, or any Java server (Tomcat, Jetty, Glassfish, JBoss, Wildfly, WebLogic, etc). And now I want to start a new series of posts on it. For more, read on.

[....Continue Reading....]

VisualVM failing to find plugins/updates? Solving the 503 error with an updated URL

Have you tried to update or simply see the available plugins for VisualVM (the Java monitoring tool built into the JDK), and found that it fails to respond right away (the progress bar will show "checking") and then it reports:

Unable to connect to the Java VisualVM Plugins Center because of Server returned HTTP response code: 503 for URL: http://www.oracle.com/splash/java.net/maintenance/index.html

There is a solution.

TLDR: the quick answer is to change the URL used by the tool (Tools>Plugins>Settings) to use a new URL, such as https://visualvm.github.io/uc/8u131/updates.xml.gz.

For those who'd appreciate more detail, read on.

[....Continue Reading....]

Why you should think twice about leaving on the "public JRE" option of the Java JDK installer

This is a follow-up to a post I did in late 2014, CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'. In that post, I listed about a dozen common problems that befall people who try to update the JVM that CF is using (and it and this post apply as well to Lucee or BlueDragon, or indeed any Java application server).

In this post, I want to elaborate on one more common mistake. Well, mistake may be too strong word. It's about a default option when you run a Java JDK installer (see the other post for more on JDK vs JRE options).

In short, I make the case here for why you should NOT let the JDK installer implement its "public jre" option.

[....Continue Reading....]

CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'

Has this happened to you?
  • You wanted to update the JVM which CF uses to use a new version
  • so you found some resource on the web showing how to update, and it seemed simple enough
  • and then you tried restarting CF and wham, it won't start
  • and now you're stuck wondering, "what happened? and how am I supposed to fix this?"

It's a tragic position to be in, of course.

There are several reasons why your attempt to update CF's JVM can fail.

And fortunately I can offer several things you can consider/look at, some of which may quickly recover from or be able to undo (depends on what you did). And all this applies to Lucee, Railo, and BlueDragon as well, though folder locations will differ.

In brief, here are the things you may have done wrong. See below for solutions or recommendations:

  1. You may have told the Java installer to install itself WITHIN the CF directory. You should not do that.
  2. You may have gotten the wrong kind of Java installer
  3. You may have gotten the wrong bit-level of Java for your bit-level of CF
  4. You may have gotten the wrong JVM for your OS
  5. You may have tried to use a JVM not supported by the version of CF you're running
  6. You may have pointed CF to the wrong JVM location
  7. You may have updated the JVM config for the cfusion instance, but not your other instances
  8. You may have forgotten to change the path's directory separator slashes on Windows
  9. You may have to copy the msvcr100.dll from the JVM's lib to CF's when updating older CF's to Java 7+
  10. You may have to copy the tools.jar from the JVM's lib to CF's when updating older CF's to Java 8+ (and delete some files compiled for the old JVM)
  11. You may find that Solr integration (and/or PDFG in CF11+) stops working, because you didn't realize you needed to edit *its* jvm config file

While I'm at it, I also cover:

  • Why you'll find that CF can't even STOP (let alone START) if you make a mistake with the JVM configuration
  • What JVM version(s) are supported by what versions of CF
  • Dealing with SSL Certificates you may have imported into a previous JVM
  • Beware leaving the Java installer to choose the "public jre" option

So this really became quite a compendium of resources on changing the JVM CF uses, but again the focus is on why CF may not start if you make certain very common mistakes.

[....Continue Reading....]

Java now has a built-in expiration date. What that's about (not obvious at first)

If you may have looked at the release notes for the latest (as of this writing) JVM update (Java 1.7 update 21), you may have noticed that it refers to an "expiration date" for this version of the JVM. What's that about, you may wonder?

[....Continue Reading....]

What's the situation with ColdFusion and Java 7, Java 6 updates, Windows 8, and OS X Mountain Lion?

I see the above questions all the time on lists, forums, twitter, etc., and while I point out the following when I see them, I wanted to share them here as well, in case others have missed them or might find them by searching.

[....Continue Reading....]

CF911: Have you updated your ColdFusion JVM to _24 yet? Important security fix for CF 8/9

This isn't new info, but you may have missed it. If you're running CF 8 or 9, did you know you can and should update the JVM that came with it? And that you have Adobe's blessing to do this update? This is because of a serious bug in the JVM that is not fixed until 1.6.0_24.

Both CF 9.0 and 9.01 run on older JVMs (and therefore need this update). And are you on CF8? You're not left out: Adobe even has confirmed this update can be applied to CF 8 and 8.01, too!

Note: if you are finding this blog post because you're searching the web for help on updating the JVM that underlies ColdFusion, note that this is a very old post (2011) about one specific JVM version. Instead, for a more general discussion of updating the JVM, and especially about solving and preventing common problems when doing that, see my more "recent" (2014) and more elaborated post: CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'.

Still more updates since this originally was posted:

Update 1: Since I wrote this blog entry in Oct 2011, Adobe has since come out with a new technote in Oct 2012 saying that you are now permitted to update to any version of Java 1.6 (for CF 8/9/10).
Update 2: Since posting this note, I've realized I should document an important fact to be aware of if you DO update the JVM: after doing so, it may seem that changes you made to allow CFHTTP calls to SSL pages (or other tags in CFML that talk via SSL or TLS) may "seem to have been lost". The issue is likely that you had modified your current CF setup to import specific certificates for such sites, but those changes are "lost" when you change the JVM that CF is now using (which has its own keystore). But these cert changes can be recovered. For more on that, see the next to last section below.
Update 3: In Feb 2013, Adobe did come out with an update that authorizes moving to Java 1.7 in either 9 or 10. You must apply the update first, though. More in this Adobe blog entry.

Old news, but not everyone knows

[....Continue Reading....]

Some code to throttle rapid requests to your CF server from one IP address

Some time ago I implemented some code on my own site to throttle when any single IP address (bot, spider, hacker, user) made too many requests at once. I've mentioned it occasionally and people have often asked me to share it, which I've happily done by email. Today with another request I decided to post it and of course seek any feedback.

It's a first cut. While there are couple of concerns that will come to mind for some readers, and I try to address those at the end, it does work for me and has helped improve my server's stability and reliability, and it's been used by many others.

Background: do you need to care? Perhaps more than you realize

[....Continue Reading....]

Revisiting CF/Java integration

On a mailing list, someone asked about running/integrating Servlets, JSPs, Struts, and EJBs in CF. This is one of those topics that was discussed a lot when CFMX came out, but those who didn't switch at the time may have missed out.

I thought I'd share here my answer to his question (pointing out several resources for him to learn more), in the hope that it may help others also who may only now be considering such integration.

Since he was already familiar with running JSPs on CF, but some readers here may not be, I'll start with just a quick point about that, then I'll offer what I replied to him.

CF and Java Integration

It may be important to clarify that technically, it was CF 4.51 that first afforded the option to integrate with Java (including EJBs). Though CF then wasn't built upon Java, you could point to a JVM in the CF Admin and various CF tags and functions afforded some Java integration.

CFMX 6, however, was not only only built upon Java but the Enterprise (and Developer) edition specifically added the ability to run JSPs and servlets directly within CF. More than that, there's some significant integration possible.

In the case of JSPs, you could just drop them into the same code directory with your CFML templates. Servlets take a little more work, as explained in my reply to the gent's email, below. He had been reading a JSP/servlet book and wanted to know how to run the latter, especially, on CF, as well as how to integrate with the Struts framework:

I hope I can help and I think you'll find I have good news.

You mention looking at a book on JSPs and servlets, and you ask how to implement them (and JSPs) in CF. Of course, that book won't help with that--but neither really will the CFML Reference (or a site like CFQuickdocs), if you may have looked that. You need to look at the ColdFusion Developers Guide in the CF docs (http://livedocs.adobe.com/coldfusion/8/htmldocs/Part_4_CF_DevGuide_1.html), or any CF books out there. The CF manual has a chapter specifically on this topic: Integrating J2EE and Java Elements in CFML Applications.

For instance, that chapter clarifies that to run a servlet called HelloWorldServlet, you put the servlet .java or .class file in the [CFserver]/WEB-INF/classes directory and refer to the servlet with the URL /servlet/HelloWorldServlet. It also discusses sharing data between CFML and such JSPs/servlets. You can even use JSP custom tag libraries directly within CFML, and lots more. And yes, the docs show (briefly) how to enable EJBs and call them from CFML.

That said, the coverage in the docs may leave one wanting more, so you may want to consider other resources that discuss it more. There was at least one book focused on that, Reality Macromedia ColdFusion MX: J2EE Integration. There were also lots of talks and articles back in the 2002 timeframe, when this stuff really took off with CFMX (though Java integration was added back in CF 4.51, which added a means in the CF Admin to point to a JVM that CF would work with.)

For instance, I did lots of presentations on CF/Java integration (as did others, of course). If you visit http://carehart.org/presentations/, and search for java, jsp, or servlet filters.

Doing Struts is not discussed in the CF docs, but there was at least one DevCenter article that discussed it specifically: Streamlining Application Development Using Struts in ColdFusion MX.

It's interesting to see these recent questions about things that came out with CF 6--many shops either didn't move from 4/5 right away, or did but didn't take advantage of the new features. Folks in that position will then not have necessarily followed all the resources (books, technotes, blog entries, user group talks) that came out back then.

This is one of the reasons I keep saying that any topic on the CF Meetup is welcomed. Not everyone needs only to learn new stuff, many need to learn what may seem "old" stuff. It's also the reason why I keep pointing to articles and talks I did in the way past. :-)

Though he didn't ask about it, of course also since CF 6 you 've been able to deploy CFML as a J2EE (or Java EE) web application/WAR or enterprise application EAR. That feature has improved from 6, to 6.1, to 7 (and of course is still possible in 8).

Certainly, if you're a shop that has any Java folks--and especially if there's some strong desire to lean that way, and CF is still seen mistakenly as a proprietary island--it's important to be able to convey to them that your CFML app can be deployed as a pure J2EE web app (WAR/EAR), which is a form they'd expect.

I think all this would be a topic worth my packing together for an upcoming CF meetup session. Until then, again, anyone interested in the topics can see the resources mentioned above that I and others have written.

Copyright ©2018 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting