My hosting company urges me to upgrade my web site running FarCry 7.2.9 on CF11 to CF2016 or, preferred, CF2018.
However, as it seems, FarCry needs to be granted the rights to load and execute the Java classes in the core (first of all being the JavaLoader class. Not being a Java developer at all, I understand that this jar file serves as the foundation to dynamically load any other jar files (for example the UUID creation algorithm) without the need to change/edit/alter the Java path settings on the ColdFusion server.
As it seems, the provider considers enabling this setting (BTW, which one ist it exactly?) to be a security issue.
Now, the main question is:
What are my options? Is it possible to run FarCry without those Java classes being enabled (even if I would have to do without some functionality)? For example, I guess I could live without the Internet Address locator class.
Which parts would I need to re-develop? Which Java classes are currently used?
Where to find those? Is there any documentation available?
I am well aware of the fact that going this route could require quite some time to re-develop those features. However, with everybody obviously being scared because of possible effects on sever security, using FarCry in a Shared Hosting environment doesn’t seem to have a bright future. (Which I would pity because I very much like the CMS.)
Since I am already negotiating the topic with the hosting company, any pointers, suggestions, remarks, support, etc., are highly appreciated.