[hibernate-issues] [Hibernate-JIRA] Created: (HV-552) Need additional AccessController.doPrivileged() for invoking equals() on an instance of Annotation.
Ed Burns (JIRA)
noreply at atlassian.com
Thu Jan 12 10:35:10 EST 2012
Need additional AccessController.doPrivileged() for invoking equals() on an instance of Annotation.
---------------------------------------------------------------------------------------------------
Key: HV-552
URL: http://opensource.atlassian.com/projects/hibernate/browse/HV-552
Project: Hibernate Validator
Issue Type: Bug
Components: engine
Affects Versions: 4.2.0.Final
Environment: AIX
Reporter: Ed Burns
Priority: Trivial
I have a simple servlet that calls some BV apis, like this:
List<String> listOfString = new ArrayList<String>();
listOfString.add("one");
listOfString.add("two");
listOfString.add("three");
Set<ConstraintViolation<Person>> violations =
beanValidator.validateValue(Person.class, "listOfString", listOfString);
However, when the validateValue() call is made a
java.security.AccessControlException exception is thrown.
The code throwing the exception is
org.hibernate.validator.metadata.ConstraintDescriptorImpl.equals(ConstraintDescriptorImpl.java:289).
The code looks innocent enough:
@Override
public boolean equals(Object o) {
if ( this == o ) {
return true;
}
if ( o == null || getClass() != o.getClass() ) {
return false;
}
ConstraintDescriptorImpl<?> that = (ConstraintDescriptorImpl<?>) o;
if ( annotation != null ? !annotation.equals( that.annotation ) : that.annotation != null ) {
return false;
}
return true;
}
The exception is thrown on the invocation of annotation.equals(), as
shown in this stack trace:
[#|2011-09-12T12:47:22.022-0700|WARNING|glassfish3.1.2|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=8;_ThreadName=Thread-11;|StandardWrapperValve[SimpleBVServlet]: PWC1406: Servlet.service() for servlet SimpleBVServlet threw exception
java.security.AccessControlException: Access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
at java.security.AccessController.checkPermission(AccessController.java:108)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:118)
at com.ibm.oti.reflect.AnnotationHelper$AnnotationInvocationHandler.compare(AnnotationHelper.java:186)
at com.ibm.oti.reflect.AnnotationHelper$AnnotationInvocationHandler.invoke(AnnotationHelper.java:111)
at $Proxy15.equals(Unknown Source)
at org.hibernate.validator.metadata.ConstraintDescriptorImpl.equals(ConstraintDescriptorImpl.java:289)
at org.hibernate.validator.metadata.MetaConstraint.equals(MetaConstraint.java:106)
at java.util.ArrayList.contains(ArrayList.java:305)
at org.hibernate.validator.engine.ValidatorImpl.validatePropertyForDefaultGroup(ValidatorImpl.java:821)
at org.hibernate.validator.engine.ValidatorImpl.validatePropertyForCurrentGroup(ValidatorImpl.java:742)
at org.hibernate.validator.engine.ValidatorImpl.validateValueInContext(ValidatorImpl.java:699)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the hibernate-issues
mailing list