[jboss-jira] [JBoss JIRA] Commented: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)