Why classpath scanning is bad for you

It’s fairly popular in Java for frameworks, containers, and sometimes even scripting languages to do a classpath scan to find components, implementations and other interesting classes. Most people think nothing of this, except that it makes life easier (if sometimes a little slower). However, classpath scanning can be a very bad thing.

Most people seem to forget that Java no longer works with the classpath in the same way it used to. The classpath is simply used to define a bootstrap environment, from with the URLClassLoader can work. I have come across systems that don’t even have the full JRE deployed in their client environments, opting instead to load all their classes over the network, or sometimes even out of a database.

The classpath only takes into account the basic set of classes given to the VM. A lot of classpath scanners also assume that classes are only stored in either a JAR file or a Directory. This is not at all the fact, they could be stored in a Pack200 file, a tar.gz / tar.bz2 file, or even some file-format that you’ve never heard of.

Unfortunately the classpath is a badly abused structure. If you do need to “magically” find classes at runtime, look at either the ServiceLoader class, or into using ClassLoader.getResources.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: