![]() ![]() (Technically, as I discuss there, you point CF to the JDK's JRE folder. Instead, you could proceed to point CF to this JDK as discussed in more detail in the other blog post. Now the JDK will be installed, but NOT as a public JRE. Pick the "public jre" option and choose the drop-down value, "this feature will not be available" (you can do that for the source code, too.) It's the 3rd option on the 2nd screen of the installer (along with options for implementing the JDK developer tools and getting java source code). ![]() If it's that you or someone did use a java JRE installer (as opposed to a JDK installer, as discussed the second "problem" of the other blog post), then just note that this is what a "JRE installer" does: implement a public JRE, and you can't control that.īut if you download and run a JDK installer instead (as recommended in my other blog post), then while it DOES implement a public JRE by default, you can choose to NOT let it do it, and I'd argue you should. If it's not the location that CF is pointing to (as can be viewed in the "settings summary" or "system information" pages of the CF Admin), then it's one that maybe exists for some other reason. You can also find out in what location the OS is finding that Java command, using the "where java" command in Windows, or "whereis java" in Linux. Note that you can do a java -version command to see the version that java command is running. Perhaps there is some older software that relies on an older JVM version (like Java 7) of the public JRE you do have. Or perhaps someone installed ANOTHER JVM on the machine, which enabled that public JRE.Īnd here's something to consider: maybe you should NOT be changing THAT public JRE, or you may break that other software relying on it. So what if you DO find that java does respond at the command prompt (in a directory where this is no java.exe, to be clear), showing the options for launching java programs? Well, that means you or someone DID let the Java installer enable that. Because then if somehow some bad guy DOES get onto your machine, or more likely just leverages some vulnerability and gets some sort of code ONTO the machine, they would be able to leverage Java without needing to know where it may be. So why is it better to NOT allow java to be run on the machine this way? For security reasons, primarily. Why is it better not to have a public JRE? ![]() That's what "public" means here (not that it's public to anyone OFF your server). It means that there is no "public JRE" on your machine.no version of Java that's been installed in such a way that it can be used by any program on the machine. If you go to the command prompt on your machine, and run the command "java" (no arguments, just the word java by itself), what do you get? If it's an error that the command can't be found, then I'd argue that's a good thing. Testing for whether this is already another public JRE One other reason is in case there may already be another JRE already installed and being used (by default) by other applications. You should generally choose NOT to install that, both for security reasons, AND to prevent Java from later prompting you or someone else to let it update itself, which then could break CF. In short, I make the case here for why you should NOT let the JDK installer implement its "public jre" option.Īs I concluded in that earlier blog post, do beware that when you run the Java JDK installer, it will have a few options, one of which is the "public jre". It's about a default option when you run a Java JDK installer (see the other post for more on JDK vs JRE options). In this post, I want to elaborate on one more common mistake. In that post, I listed about a dozen common problems that befall people who try to update the JVM that CF is using (and it and this post apply as well to Lucee or BlueDragon, or indeed any Java application server). This is a follow-up to a post I did in late 2014, CF911: 'Help! I've updated the JVM which ColdFusion uses, and now it won't start!'. And I may revise the content as necessary. Corrections are welcome, in the comments. Same with links and subsequent comments from myself or others. Some content may be outdated-though not necessarily. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |