Since JDK 16, the default for the --illegal-access
option is deny
, so “deep reflection” to JDK classes fails.
You can override the behavior by specifying --illegal-access=permit
, but you have to be aware of JEP 403: Strongly Encapsulate JDK Internals which is about closing that possibility in a future version, so this option is only a temporary solution.
The permanent solution is to update cglib to a compatible version if/once it exists. The attempt to access ClassLoader.defineClass
suggests that the library wants to add classes to a particular context, which can be done via MethodHandles.lookup().defineClass
instead (since Java 9). So the code only has to switch to the new way of adding classes.