[XW-661] Avoid calling setAccessible(true) which causes SecurityException - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.1.2
Component/s: None
Labels:
None

Description

In com.opensymphony.xwork2.inject.ContainerImpl.Field/Method/ConstructorInjector, there are calls to setAccessible(true), which will cause a SecurityException unless there is a grant for java.lang.reflect.ReflectPermission suppressAccessChecks. It is unknown whether the calls to setAccessibility(true) are necessary. There may be non-public methods passed into here in which there is no workaround, but if the accessibility of the field/method/constructor is already public, there is no reason to call this, so that can be a slight avoidance measure.

Attachments

Activity

People

Assignee:: Disabled - L-u-k-a-s-z Lenart - OpenSymphony

Reporter:: Eddy Chan

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 30/Oct/08 17:51

Updated:: 05/Aug/09 01:37

Resolved:: 19/Dec/08 14:11