Adrian Brock [http://community.jboss.org/people/adrian%40jboss.org] replied to the discussion
"Testing jboss-reflect with a SecurityManager enabled" To view the discussion, visit: http://community.jboss.org/message/534039#534039 -------------------------------------------------------------- > Kabir Khan wrote: > > The next problem is the Javassist version of the > Field-/MethodAccessRestrictionTestCase. These fail since the javassist > generated accessors (from JBREFLECT-6) are able to access private members, > due to inheriting from sun.reflect.MagicAccessorImpl, so we don't get the > expected exceptions when calling private members with a security manager > enabled. My plan there is to modify JavassistFieldInfo and > JavassistMethodInfo to throw an exception if an attempt is made to access > them if they are not public and there is a security manager present. No, if there is a SecurityManager you should do a similar check to what is done by the Reflection based api, i.e. whether the caller has the "suppressAccessChecks" permission. See ReflectionMethodInfoImpl. P.S. I don't think you've solved the whole problem, see https://jira.jboss.org/jira/browse/JBREFLECT-2 https://jira.jboss.org/jira/browse/JBREFLECT-2 e.g. the MagicAccessorImpl trick doesn't work on jrockit for classes outside the bootstrap classloader. -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/534039#534039] Start a new discussion in JBoss Microcontainer Development at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2115]
_______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
