What it does is public ClassLoader getClassLoader() { // looks like Javassist ClassPool::getClassLoader // doesn't check for security, so we should SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(GET_CLASSLOADER_PERMISSION); return JavassistUtil.getClassLoader(ctClass); } JavassistUtil: static ClassLoader getClassLoader(CtClass ctClass) { ClassPool pool = ctClass.getClassPool(); return (pool != null) ? pool.getClassLoader() : null; } Do you have something different in mind? I have commented out that security check while looking into other issues. On 16 Mar 2010, at 13:09, Ales Justin wrote: