Requirements. Log4j 2.4 and greater requires Java 7, versions 2.0-alpha1 to 2.3 required Java 6. Some features require optional dependencies; the documentation for these features specifies the dependencies.
As of version 2.4, Log4J requires Java 7.
<AppenderRef ref="Servlet"/> </Root> </Loggers> </Configuration>
At the time of writing this (2021-03-14), https://logging.apache.org/log4j/2.x/security.html says that log4j 2.3. 2 is safe if you are running the code on a Java 6 JVM. But if you intend to run on a more recent JVM, the latest security patch is advisable.
If someone is using Maven and is having the same issue while assembling a flat jar, here is what I did to fix the same issue:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>3.2.1</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<transformers>
<transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
<mainClass>foo.bar.Generate</mainClass>
<manifestEntries>
<Multi-Release>true</Multi-Release>
</manifestEntries>
</transformer>
<transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
</transformers>
</configuration>
</execution>
</executions>
</plugin>
The important part is <Multi-Release>true</Multi-Release>
.
Note that the Java code I'm using now to change loggers level is:
Configurator.setAllLevels("foo.bar", Level.DEBUG);
Log4J2 is of course compatible it uses the JDK Multi-Release feature or in more detail.
BUT...
1) First, when you are using - like me - the slf4j interface, you need to use a different Maven artefact, see http://logging.apache.org/log4j/2.x/log4j-slf4j-impl/index.html
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-slf4j18-impl</artifactId>
<version>2.12.1</version>
</dependency>
which adds all dependencies as 'mvn dependency:tree' reveals:
\- org.apache.logging.log4j:log4j-slf4j18-impl:jar:2.12.1:compile
[INFO] +- org.slf4j:slf4j-api:jar:1.8.0-alpha2:compile
[INFO] +- org.apache.logging.log4j:log4j-api:jar:2.12.1:compile
[INFO] \- org.apache.logging.log4j:log4j-core:jar:2.12.1:runtime
2) And second, when you are creating - like me - one single JAR, which includes all dependencies, you need to add the Multi-Release manifest entry as well, see https://issues.apache.org/jira/browse/LOG4J2-2537 or in my project's pom.xml and search for
<Multi-Release>true</Multi-Release>
If you are getting this message then your application is not setup to use multi-release jars. Log4j supports Java 9+ by using Stackwalker in a version of StackLocator that is located in META-INF/versions/9. Depending on how your application works, you may need to have Multi-Release set to true in the jar manifest. This is true for Spring Boot jars. Without multi-release support you will use the pre-Java 9 version of StackLocator which tries to use Reflection.getCallerClass(). That class was removed in Java 9. Log4j will fall back to a slower way to calculate stack locations but it will still work. Hence the warning.
Seems like this part is no longer work with Java 11.
I ran into the same problem with programmatically updating LogLevel settings using the LoggerContext after upgrading to JDK 11 from JDK 8. If the LogManager.getContext(boolean)
can't find the LoggerContext it will create and return a new instance — changing that new object will have no effect. Specifying the classloader of Log4j's LogManager class fixed the issue in our case:
LoggerContext ctx = (LoggerContext) LogManager.getContext(LogManager.class.getClassLoader(), false);
This message comes from org/apache/logging/log4j/util/StackLocator.<classconstructor>
which is part of log4j2-api.jar
(or log4j-api-2.x.y.jar
etc).
You get this message because some smart guys decided sun.reflect.Reflection.getCallerClass
has to be removed from JRE (guess they pulled a page from Herostratus's book or something). This actually happened in Openjdk11.
Mind you, you shouldn't get this message if you have a not-too-old version of log4j2-api.jar
, as it is a multi-release-jar meaning it contains another implementation of this class for Java9+ (META-INF/versions/9/org/apache/logging/log4j/util/StackLocator.class
) which doesn't give this message.
But, if you use some Helping Product(TM), such as Spring Boot, that has its own classloader, it might not be multi-relase-jar compatible, so it loads the Java8 compatible StackLocator.class
instead of the Java9+ compatible, and you still get this message.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With