[hibernate-issues] [Hibernate-JIRA] Updated: (HV-552) Need additional AccessController.doPrivileged() for invoking equals() on an instance of Annotation.

Hardy Ferentschik (JIRA) noreply at atlassian.com
Mon Jan 16 05:59:10 EST 2012


     [ http://opensource.atlassian.com/projects/hibernate/browse/HV-552?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hardy Ferentschik updated HV-552:
---------------------------------

    Fix Version/s:     (was: 4.3.0.next)

> Need additional AccessController.doPrivileged() for invoking equals() on an instance of Annotation.
> ---------------------------------------------------------------------------------------------------
>
>                 Key: HV-552
>                 URL: http://opensource.atlassian.com/projects/hibernate/browse/HV-552
>             Project: Hibernate Validator
>          Issue Type: Bug
>          Components: engine
>    Affects Versions: 4.2.0.Final
>         Environment: AIX
>            Reporter: Ed Burns
>            Assignee: Hardy Ferentschik
>            Priority: Trivial
>         Attachments: i_hv_522.patch
>
>
> I have a simple servlet that calls some BV apis, like this:
> {code}
>         List<String> listOfString = new ArrayList<String>();
>         listOfString.add("one");
>         listOfString.add("two");
>         listOfString.add("three");
>         Set<ConstraintViolation<Person>> violations =
>                 beanValidator.validateValue(Person.class, "listOfString", listOfString);
> {code}
> However, when the _validateValue()_ call is made a _java.security.AccessControlException_ exception is thrown.  
> The code throwing the exception is 
> {code}
> org.hibernate.validator.metadata.ConstraintDescriptorImpl.equals(ConstraintDescriptorImpl.java:289).
> {code}
> The code looks innocent enough:
> {code}
> 	@Override
> 	public boolean equals(Object o) {
> 		if ( this == o ) {
> 			return true;
> 		}
> 		if ( o == null || getClass() != o.getClass() ) {
> 			return false;
> 		}
> 		ConstraintDescriptorImpl<?> that = (ConstraintDescriptorImpl<?>) o;
> 		if ( annotation != null ? !annotation.equals( that.annotation ) : that.annotation != null ) {
> 			return false;
> 		}
> 		return true;
> 	}
> {code}
> The exception is thrown on the invocation of _annotation.equals()_, as
> shown in this stack trace:
> {noformat}
> [#|2011-09-12T12:47:22.022-0700|WARNING|glassfish3.1.2|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=8;_ThreadName=Thread-11;|StandardWrapperValve[SimpleBVServlet]: PWC1406: Servlet.service() for servlet SimpleBVServlet threw exception
> java.security.AccessControlException: Access denied (java.lang.reflect.ReflectPermission suppressAccessChecks)
> 	at java.security.AccessController.checkPermission(AccessController.java:108)
> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:544)
> 	at java.lang.reflect.AccessibleObject.setAccessible(AccessibleObject.java:118)
> 	at com.ibm.oti.reflect.AnnotationHelper$AnnotationInvocationHandler.compare(AnnotationHelper.java:186)
> 	at com.ibm.oti.reflect.AnnotationHelper$AnnotationInvocationHandler.invoke(AnnotationHelper.java:111)
> 	at $Proxy15.equals(Unknown Source)
> 	at org.hibernate.validator.metadata.ConstraintDescriptorImpl.equals(ConstraintDescriptorImpl.java:289)
> 	at org.hibernate.validator.metadata.MetaConstraint.equals(MetaConstraint.java:106)
> 	at java.util.ArrayList.contains(ArrayList.java:305)
> 	at org.hibernate.validator.engine.ValidatorImpl.validatePropertyForDefaultGroup(ValidatorImpl.java:821)
> 	at org.hibernate.validator.engine.ValidatorImpl.validatePropertyForCurrentGroup(ValidatorImpl.java:742)
> 	at org.hibernate.validator.engine.ValidatorImpl.validateValueInContext(ValidatorImpl.java:699)
> {noformat}

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


More information about the hibernate-issues mailing list