AccessControlException ReflectionUtils.findMethod
adrian.brock Sep 5, 2008 11:10 AMUpdating the MC to use the latest jboss-reflection shows the
change to ReflectionUtils.findMethod() to use getDeclaredMethod()
is breaking code that doesn't have permission to getDeclaredMethods
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.167 sec <<< FAILURE! testContainerInjection(org.jboss.test.kernel.deployment.test.BeanContainerInjectionTestCase) Time elapsed: 0.03 sec <<< ERROR! java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264) at java.security.AccessController.checkPermission(AccessController.java:427) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java:1662) at java.lang.Class.checkMemberAccess(Class.java:2125) at java.lang.Class.getDeclaredMethods(Class.java:1762) at org.jboss.reflect.plugins.introspection.ReflectionUtils.findMethod(ReflectionUtils.java:230) at org.jboss.reflect.plugins.introspection.ReflectionUtils.findMethod(ReflectionUtils.java:248) at org.jboss.metadata.plugins.loader.reflection.AnnotatedElementMetaDataLoader.getComponentMetaDataRetrieval(AnnotatedElementMetaDataLoader.java:148) at org.jboss.metadata.spi.retrieval.MetaDataRetrievalToMetaDataBridge.getComponentMetaData(MetaDataRetrievalToMetaDataBridge.java:160) at org.jboss.kernel.plugins.annotations.CommonAnnotationAdapter.handleMethod(CommonAnnotationAdapter.java:352) at org.jboss.kernel.plugins.annotations.CommonAnnotationAdapter.handleAnnotations(CommonAnnotationAdapter.java:258) at org.jboss.kernel.plugins.annotations.AbstractMetaDataAnnotationAdapter.applyAnnotations(AbstractMetaDataAnnotationAdapter.java:39) at org.jboss.kernel.spi.annotations.AnnotationToBeanMetaDataFactory.fillBeanMetaData(AnnotationToBeanMetaDataFactory.java:248) at org.jboss.kernel.spi.annotations.AnnotationToBeanMetaDataFactory.createBeanMetaData(AnnotationToBeanMetaDataFactory.java:123) at org.jboss.test.kernel.deployment.test.BeanContainerInjectionTestCase.testContainerInjection(BeanContainerInjectionTestCase.java:49)
We obviously don't want to leak this permission by putting privileged blocks
in ReflectionUtils so we need to introduce privileged blocks in
AnnotatedElementMetaDataLoader.
Where else uses ReflectionUtils.findXXX() ?