Hi, I'm experimenting it with JexlSandbox (for blackbox mode) of v3.1 like the following example:
JexlSandbox sandbox = new JexlSandbox(false); sandbox.white(IFoo.class.getName()); // ... JexlEngine engine = new JexlBuilder().sandbox(sandbox).create(); But if I put an instance of FooImpl (implementing IFoo interface) for instance, the JEXL interpreter doesn't seem to be able to resolve IFoo's methods. If I add FooImpl.class.getName() to the white list, then it starts resolving the method call without a problem. So, I assume the sandbox permission handling might be checking the implementation class name only. Is it true? If so, wouldn't it be nice if it can check its interfaces as well? When providing an interpreting env using JEXL, I think it's very common to separate the interfaces from various implementations. Regards, Woonsan --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@commons.apache.org For additional commands, e-mail: user-h...@commons.apache.org