Hello Berin! BL> Geiger, Marco (FF) wrote:
FF> an Info : FF> the using of the Reflection-API in Fortress FF> isn?t generally denied. The EJB-Spec does only not allow to access FF> information FF> about security, but normal Reflection for Classes is therefore allowed. FF> (the classloading-mechanism is the bigger problem, and knock-down-criteria FF> for me) BL> Ok, so the klass.newInstance() and method.invoke(...) _are_ allowed? BL> How about Proxy or Byte Code generation? I don't know the answer but I understand that if we use the noop wrappers we're safe anyway, aren't we? BTW is Reflection used anywhere else but in the wrapper generation (if it's proxy wrapper generator) and in overcoming the shortage of Exception.getCause() in the loggers? IMO the greatest next showstopper for such managed environment as EJB is that we won't be allowed to launch our own threads, isn't _that_ the biggest issue (given we're okay with no-op wrappers and that our JDK is 1.4 and it does have Exception.getCause() ) ? BL> For instance IBM WebSphere BL> (last I used it was 3.5) did not allow you to get resources from the BL> classloader. It sounds like being plainly broken! -Anton --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
