Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
In com.opensymphony.xwork2.inject.ContainerImpl.Field/Method/ConstructorInjector, there are calls to setAccessible(true), which will cause a SecurityException unless there is a grant for java.lang.reflect.ReflectPermission suppressAccessChecks. It is unknown whether the calls to setAccessibility(true) are necessary. There may be non-public methods passed into here in which there is no workaround, but if the accessibility of the field/method/constructor is already public, there is no reason to call this, so that can be a slight avoidance measure.