I'm making Hibernate Validator SecurityManager friendly. I have a few
question wrt Java security.
I have been told to wrap any reflection call into
AccessController.doPrivileged
so that if HV is granted reflection privilege, the SM won't complain.
Now I do not want to wrap all my reflection calls into
AccessController.doPrivileged
Here are my questions:
- how do I know that a SecurityManager as been activated?
It seems to me that System.getSecurityManager() != null does the
trick
- how "slow" is this AccessController.doPrivileged wrapping in
practice?
- does JBoss use a SM OOTB?
Thanks
Emmanuel