This is an automated email from the ASF dual-hosted git repository.
struberg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/deltaspike.git
The following commit(s) were added to refs/heads/master by this push:
new 8b06c8731 DELTASPIKE-1483 remove SecurityManager
8b06c8731 is described below
commit 8b06c8731eb375f557532f9f70e634a289f302d7
Author: Mark Struberg <[email protected]>
AuthorDate: Tue Aug 5 18:04:55 2025 +0200
DELTASPIKE-1483 remove SecurityManager
---
.../metadata/builder/AnnotatedTypeBuilder.java | 1 -
.../apache/deltaspike/core/util/ClassUtils.java | 32 +--------------
.../deltaspike/core/util/ReflectionUtils.java | 13 +------
.../SetAccessiblePrivilegedAction.java | 45 ----------------------
.../deltaspike/data/impl/property/Reflections.java | 25 ++++--------
.../test/utils/CdiContainerUnderTest.java | 33 +---------------
6 files changed, 11 insertions(+), 138 deletions(-)
diff --git
a/deltaspike/core/api/obsolete/src/main/java/org/apache/deltaspike/core/util/metadata/builder/AnnotatedTypeBuilder.java
b/deltaspike/core/api/obsolete/src/main/java/org/apache/deltaspike/core/util/metadata/builder/AnnotatedTypeBuilder.java
index de40ac025..069463532 100644
---
a/deltaspike/core/api/obsolete/src/main/java/org/apache/deltaspike/core/util/metadata/builder/AnnotatedTypeBuilder.java
+++
b/deltaspike/core/api/obsolete/src/main/java/org/apache/deltaspike/core/util/metadata/builder/AnnotatedTypeBuilder.java
@@ -20,7 +20,6 @@
package org.apache.deltaspike.core.util.metadata.builder;
import org.apache.deltaspike.core.util.ReflectionUtils;
-import
org.apache.deltaspike.core.util.securitymanaged.SetAccessiblePrivilegedAction;
import jakarta.enterprise.inject.spi.Annotated;
import jakarta.enterprise.inject.spi.AnnotatedConstructor;
diff --git
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ClassUtils.java
b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ClassUtils.java
index 2672f059f..f105fa4e5 100644
---
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ClassUtils.java
+++
b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ClassUtils.java
@@ -25,8 +25,6 @@ import jakarta.enterprise.inject.Vetoed;
import java.lang.reflect.Modifier;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.jar.Manifest;
import java.util.jar.Attributes;
import java.net.URL;
@@ -61,37 +59,9 @@ public abstract class ClassUtils
*/
public static ClassLoader getClassLoader(Object o)
{
- if (System.getSecurityManager() != null)
- {
- return AccessController.doPrivileged(new GetClassLoaderAction(o));
- }
- else
- {
- return getClassLoaderInternal(o);
- }
+ return getClassLoaderInternal(o);
}
- static class GetClassLoaderAction implements PrivilegedAction<ClassLoader>
- {
- private Object object;
- GetClassLoaderAction(Object object)
- {
- this.object = object;
- }
-
- @Override
- public ClassLoader run()
- {
- try
- {
- return getClassLoaderInternal(object);
- }
- catch (Exception e)
- {
- return null;
- }
- }
- }
private static ClassLoader getClassLoaderInternal(Object o)
{
diff --git
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ReflectionUtils.java
b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ReflectionUtils.java
index bbf31b275..94dabe3a2 100644
---
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ReflectionUtils.java
+++
b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/ReflectionUtils.java
@@ -31,19 +31,15 @@ import java.lang.reflect.Modifier;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
import java.lang.reflect.WildcardType;
-import java.security.AccessController;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
-import
org.apache.deltaspike.core.util.securitymanaged.SetAccessiblePrivilegedAction;
/**
* Utilities for common reflection based actions. Some are basic Java
Reflection based, others are CDI based.
*/
-//X TODO: Look at merging this with some of the other classes from CODI, or if
they're really needed
-//X TODO: Also some methods need JavaDoc
@Vetoed
public abstract class ReflectionUtils
{
@@ -179,14 +175,7 @@ public abstract class ReflectionUtils
{
if (setAccessible && !method.isAccessible())
{
- if (System.getSecurityManager() != null)
- {
- AccessController.doPrivileged(new
SetAccessiblePrivilegedAction(method));
- }
- else
- {
- method.setAccessible(true);
- }
+ method.setAccessible(true);
}
try
diff --git
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/securitymanaged/SetAccessiblePrivilegedAction.java
b/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/securitymanaged/SetAccessiblePrivilegedAction.java
deleted file mode 100644
index d508bd4ee..000000000
---
a/deltaspike/core/api/src/main/java/org/apache/deltaspike/core/util/securitymanaged/SetAccessiblePrivilegedAction.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.deltaspike.core.util.securitymanaged;
-
-import jakarta.enterprise.inject.Vetoed;
-import java.lang.reflect.AccessibleObject;
-import java.security.PrivilegedAction;
-
-/**
- * PrivilegedAction instance to enabling access to the specified {@link
AccessibleObject}.
- * It's only useful if {@link System#getSecurityManager()} returns a {@link
SecurityManager}.
- */
-@Vetoed
-public class SetAccessiblePrivilegedAction implements PrivilegedAction<Void>
-{
- private final AccessibleObject member;
-
- public SetAccessiblePrivilegedAction(AccessibleObject member)
- {
- this.member = member;
- }
-
- public Void run()
- {
- member.setAccessible(true);
- return null;
- }
-}
diff --git
a/deltaspike/modules/data/impl/src/main/java/org/apache/deltaspike/data/impl/property/Reflections.java
b/deltaspike/modules/data/impl/src/main/java/org/apache/deltaspike/data/impl/property/Reflections.java
index d005bfdf8..774f2cd12 100644
---
a/deltaspike/modules/data/impl/src/main/java/org/apache/deltaspike/data/impl/property/Reflections.java
+++
b/deltaspike/modules/data/impl/src/main/java/org/apache/deltaspike/data/impl/property/Reflections.java
@@ -24,8 +24,6 @@ import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Set;
@@ -153,25 +151,19 @@ public class Reflections
/**
* Set the accessibility flag on the {@link AccessibleObject} as described
in
- * {@link AccessibleObject#setAccessible(boolean)} within the context of a
{@link PrivilegedAction}.
+ * {@link AccessibleObject#setAccessible(boolean)}.
*
* @param <A>
* member the accessible object type
* @param member
* the accessible object
* @return the accessible object after the accessible flag has been altered
+ * @deprecated call method directly as SecurityManager got deprecated and
will soon be removed from Java
*/
+ @Deprecated
public static <A extends AccessibleObject> A setAccessible(final A member)
{
- AccessController.doPrivileged(new PrivilegedAction<Void>()
- {
- @Override
- public Void run()
- {
- member.setAccessible(true);
- return null;
- }
- });
+ member.setAccessible(true);
return member;
}
@@ -202,7 +194,7 @@ public class Reflections
* </p>
* <p/>
* <p>
- * This method attempts to set the accessible flag of the method in a
{@link PrivilegedAction} before invoking the
+ * This method attempts to set the accessible flag of the method before
invoking the
* method if the first argument is true.
* </p>
* <p/>
@@ -252,7 +244,7 @@ public class Reflections
* </p>
* <p/>
* <p>
- * If instructed, this method attempts to set the accessible flag of the
method in a {@link PrivilegedAction} before
+ * If instructed, this method attempts to set the accessible flag of the
method before
* invoking the method.
* </p>
*
@@ -329,8 +321,7 @@ public class Reflections
* <p/>
* <p>
* This method provides the same functionality and throws the same
exceptions as
- * {@link Reflections#setFieldValue(boolean, Method, Class, Object,
Object...)}, honoring the accessibility of the
- * field.
+ * {@link Reflections#setFieldValue(boolean, Field, Object, Object)}
* </p>
*/
public static void setFieldValue(Field field, Object instance, Object
value)
@@ -349,7 +340,7 @@ public class Reflections
* </p>
* <p/>
* <p>
- * If instructed, this method attempts to set the accessible flag of the
method in a {@link PrivilegedAction} before
+ * If instructed, this method attempts to set the accessible flag of the
method before
* invoking the method.
* </p>
*
diff --git
a/deltaspike/test-utils/src/main/java/org/apache/deltaspike/test/utils/CdiContainerUnderTest.java
b/deltaspike/test-utils/src/main/java/org/apache/deltaspike/test/utils/CdiContainerUnderTest.java
index 5400b9cd9..003509038 100644
---
a/deltaspike/test-utils/src/main/java/org/apache/deltaspike/test/utils/CdiContainerUnderTest.java
+++
b/deltaspike/test-utils/src/main/java/org/apache/deltaspike/test/utils/CdiContainerUnderTest.java
@@ -19,8 +19,6 @@
package org.apache.deltaspike.test.utils;
import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.jar.Attributes;
import java.util.jar.Manifest;
@@ -121,14 +119,7 @@ public class CdiContainerUnderTest
private static ClassLoader getClassLoader(Object o)
{
- if (System.getSecurityManager() != null)
- {
- return AccessController.doPrivileged(new GetClassLoaderAction(o));
- }
- else
- {
- return getClassLoaderInternal(o);
- }
+ return getClassLoaderInternal(o);
}
private static ClassLoader getClassLoaderInternal(Object o)
@@ -203,26 +194,4 @@ public class CdiContainerUnderTest
return classLocation.substring(0, classLocation.indexOf(classFilePath)
- 1) + manifestFilePath;
}
- private static class GetClassLoaderAction implements
PrivilegedAction<ClassLoader>
- {
- private Object object;
-
- GetClassLoaderAction(Object object)
- {
- this.object = object;
- }
-
- @Override
- public ClassLoader run()
- {
- try
- {
- return getClassLoaderInternal(object);
- }
- catch (Exception e)
- {
- return null;
- }
- }
- }
}
