[cdi-dev] [JBoss JIRA] (CDI-731) Default methods in Annotated hierarchy should use privileged blocs

Antoine Sabot-Durand (JIRA) issues at jboss.org
Wed Jun 27 08:51:00 EDT 2018

    [ https://issues.jboss.org/browse/CDI-731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13597711#comment-13597711 ] 

Antoine Sabot-Durand commented on CDI-731:

When I launch test in https://github.com/antoinesd/cdi-spec/tree/master/api/src/test/java/org/jboss/cdi/api/test/annotated with security manager I have ACE stack traces on the tests related to the interface above. They're like:

java.security.AccessControlException: access denied ("java.lang.reflect.ReflectPermission" "suppressAccessChecks")
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
	at java.security.AccessController.checkPermission(AccessController.java:884)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	at javax.enterprise.inject.spi.AnnotatedMethod.getAnnotations(AnnotatedMethod.java:49)
	at org.jboss.cdi.api.test.annotated.AbstractAnnotatedTest.shouldFindAnnotationsOnAnnotated(AbstractAnnotatedTest.java:36)
... Removed 34 stack frames

> Default methods in Annotated hierarchy should use privileged blocs
> ------------------------------------------------------------------
>                 Key: CDI-731
>                 URL: https://issues.jboss.org/browse/CDI-731
>             Project: CDI Specification Issues
>          Issue Type: Bug
>          Components: Javadoc and API
>    Affects Versions: 2.0 .Final
>            Reporter: Antoine Sabot-Durand
>            Assignee: Antoine Sabot-Durand
>             Fix For: 2.0.SP1
> To deal with repearting annotatiosn (see CDI-471), CDI 2.0 introduced default method {{getAnnotations}}, in the following interfaces:
> * {{AnnotatedConstructor}}
> * {{AnnotatedField}}
> * {{AnnotatedMethod}}
> * {{AnnotatedParameter}}
> * {{AnnotatedType}}
> These methods make use of reflection and thus should use privileged blocs when used with a security manager

This message was sent by Atlassian JIRA

More information about the cdi-dev mailing list