Maven JarClassLoader: Warning:Foo.class in X.jar is hidden byY.jar (with different bytecode)

Question

As soon as I added java.mail support to my project:

     <dependency>
        <groupId>javax.mail</groupId>
        <artifactId>mail</artifactId>
        <version>1.4.1</version>
    </dependency>
    <dependency>
        <groupId>javax.activation</groupId>
        <artifactId>activation</artifactId>
        <version>1.1.1</version>
    </dependency>

I started receiving a flood of warning messages like these (when I run the built jar):

JarClassLoader: Warning: javax/mail/Address.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode)
JarClassLoader: Warning: javax/mail/AuthenticationFailedException.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with differ
ent bytecode)
JarClassLoader: Warning: javax/mail/Authenticator.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode)
JarClassLoader: Warning: javax/mail/BodyPart.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode)
JarClassLoader: Warning: javax/mail/EventQueue.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode)
JarClassLoader: Warning: javax/mail/FetchProfile$Item.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode
)

My program runs fine (and sends email fine), but I don't want all these hundreds of JarClassLoader warnings...

Any idea how to restore peace & quiet to my console log?

Update: Thanks to the tip by Jigar Joshi below, I found that the undesired geronimo-javamail_1.4_spec-1.7.1.jar comes from org.apache.cxf:cxf-api:jar:2.7.1:compile, so I added an exclusion:

   <dependency> 
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-api</artifactId>
        <version>2.7.1</version>
        <exclusions>
          <exclusion>  
           <groupId>org.apache.geronimo.specs</groupId>
           <artifactId>geronimo-javamail_1.4_spec</artifactId>
         </exclusion>
       </exclusions> 
    </dependency>

And the mvn dependency:tree command no longer shows "geronimo" as a dependency, but I am still getting all these warnings when I run the newly resulting jar (built from clean!)

Additional suggestions?

Update 2: This is the dependencies section in my pom.xml:

<dependencies>
  <dependency>
    <groupId>junit</groupId>
    <artifactId>junit</artifactId>
    <version>3.8.1</version>
    <scope>test</scope>
  </dependency>


  <dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-frontend-jaxws</artifactId>
    <version>2.7.1</version>
    <type>jar</type>
    <scope>runtime</scope>
  </dependency>
  <dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-transports-http</artifactId>
    <version>2.7.1</version>
    <type>jar</type>
    <scope>runtime</scope>
  </dependency>
  <dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-web</artifactId>
    <version>3.0.7.RELEASE</version>
  </dependency>


  <dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>5.1.26</version>
  </dependency>
  <dependency>
    <groupId>org.hibernate</groupId>
    <artifactId>hibernate-core</artifactId>
    <version>4.2.6.Final</version>
  </dependency>
  <dependency> 
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-api</artifactId>
    <version>2.7.1</version>
    <exclusions>
      <exclusion>
    <groupId>org.apache.geronimo.specs</groupId>
    <artifactId>geronimo-javamail_1.4_spec</artifactId>
      </exclusion>
    </exclusions> 
  </dependency>
  <dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-transports-http</artifactId>
    <version>2.7.1</version>
    <type>jar</type>
  </dependency>

  <dependency>
    <groupId>javax.servlet</groupId>
    <artifactId>servlet-api</artifactId>
    <version>2.5</version>
  </dependency>

  <dependency> 
    <groupId>javax.mail</groupId>
    <artifactId>mail</artifactId>
    <version>1.4.1</version>
  </dependency>
  <dependency>
    <groupId>javax.activation</groupId>
    <artifactId>activation</artifactId>
    <version>1.1.1</version>
  </dependency>

</dependencies>

jmj · Answer 1 · 2014-03-28T18:29:21.800

3

That warning says you have same class present from multiple jar so it could cause trouble at runtime

for example:

JarClassLoader: Warning: javax/mail/EventQueue.class in lib/mail-1.4.1.jar is hidden by lib/geronimo-javamail_1.4_spec-1.7.1.jar (with different bytecode)

I assume you are looking for that class from mail-1.4.1.jar and not from geronimo-javamail_1.4_spec-1.7.1.jar for example

You would have to exclude this non wanted jar so that it doesn't make itself available in classpath, either by use of <exclusions> or <optional> tag, it might be coming from other jar's dependency

execute mvn dependency:tree to track it down from where it is coming and <exclude> it

Also See

<optional> & <exclusions>

edited Mar 28 '14 at 18:29

answered Mar 28 '14 at 18:15

jmj

237,923
42
401
438

You are assuming correctly, thank you very much for the `mvn dependency:tree` tip. That unwanted geronimo-javamail jar comes from/with `org.apache.cxf:cxf-api:jar:2.7.1:compile`. I definitely want to exclude. I will check shortly how to do this. – Withheld Mar 28 '14 at 18:27
1

https://maven.apache.org/guides/introduction/introduction-to-optional-and-excludes-dependencies.html – jmj Mar 28 '14 at 18:28
Thank you again. I did try but this doesn't seem to fix the problem for some reason (see update above). – Withheld Mar 28 '14 at 18:40
1

are you sure that jar is now no longer coming from any other dependency and it still shows that warning ? – jmj Mar 28 '14 at 18:42
I think so. To double check, I ran `mvn dependency:tree | grep ger` -- no trace of any geronimo in the dependency tree. I think I am missing a tiny something but I don't know what it is. – Withheld Mar 28 '14 at 18:43
1

and you still have that warning saying that class is available from that jar ? it might be complaining about other jar now can you try grepping in your warnings as well – jmj Mar 28 '14 at 18:45
Yes, I do. (rebuilt from clean again to make sure nothing gets in). These are the exact same warnings. That's weird, because the `mvn dependency:tree` does reflect that the change in the `pom.xml` was correct and thus understsood correctly. – Withheld Mar 28 '14 at 19:01
1

can you share your minimal pom.xml with dependencies so that detailed issue can be tracked down – jmj Mar 28 '14 at 19:02
I just added the dependencies section to my original post. Do you notice anything suspicious? – Withheld Mar 28 '14 at 19:11
1

can you replace those version variables with actual value? – jmj Mar 28 '14 at 19:13
can you post full build log (if not sensitive) I don't see any warning with provided dependencies, may be you are using some plugin that generates these warnings – jmj Mar 28 '14 at 20:16

Maven JarClassLoader: Warning:Foo.class in X.jar is hidden byY.jar (with different bytecode)

1 Answers1