I guess i found a little bug which was introduced by the usage of byte buddy as a byte code enhancer. The issue can be fixed quite simply, but it's very crutial since hibernate does not work if a security manager is in place. let me try to explain my discovery: Within the class HibernateMethodLookupDispatcher is a static property authorizedClasses. This is nice, since i see that all my Byte Buddy Enhanced Beans are in there. ch.carnet.bo.xxx$HibernateProxy$KMjF1hvl ch.carnet.bo.yyy$HibernateProxy$N7p0Y4Ea ch.carnet.bo.zzz$HibernateProxy$f9HFlBtl ... (a lot more) But. There's one crutial class missing: org.hibernate.bytecode.internal.bytebuddy.HibernateMethodLookupDispatcher Later while processing, my debugger hit's the line 74:
if ( !authorizedClasses.contains( callerClass.getName() ) ) {
throw new SecurityException( "Unauthorized call by class " + callerClass );
}
with that line all my beans can no longer be processed. this is resulting in a missleading Error: ERROR org.hibernate.proxy.pojo.bytebuddy.ByteBuddyProxyFactory - HHH000142: Bytecode enhancement failed: ch.carnet.cfms Since i do not know hibernate to the very last detail, i'm not sure if
- this call by org.hibernate.bytecode.internal.bytebuddy.HibernateMethodLookupDispatcher is correct
- or the call should not come from the class HibernateMethodLookupDispatcher itself
But assuming the call is made correctly by HibernateMethodLookupDispatcher, i tested one simple thing. using my debuger in dev i added the class HibernateMethodLookupDispatcher to the authorizedClasses before line 73 was hit. After i did that, everything worked perfectly. My beans are Processed, even though a Security Manager was active. So my basic question here is: can you add HibernateMethodLookupDispatcher to authorizedClasses, so that the class is allowed to call my bean methods, since that's the main intention behind HibernateMethodLookupDispatcher after all, isn't it? =) Best Regards, Synto |