From 3953d3e72bdfcab44566a722381ecd08e2f644b1 Mon Sep 17 00:00:00 2001 From: "David M. Lloyd" Date: Tue, 8 May 2018 10:11:13 -0500 Subject: [PATCH 1/4] HHH-10435 Create class loaders in a privileged block --- .../classloading/internal/ClassLoaderServiceImpl.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java index 26dade5d3fb6..fa18b904f6a1 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java @@ -11,6 +11,8 @@ import java.lang.reflect.InvocationHandler; import java.lang.reflect.Proxy; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; @@ -91,7 +93,11 @@ public ClassLoaderServiceImpl(Collection providedClassLoaders) { } // now build the aggregated class loader... - this.aggregatedClassLoader = new AggregatedClassLoader( orderedClassLoaderSet ); + this.aggregatedClassLoader = AccessController.doPrivileged(new PrivilegedAction() { + public AggregatedClassLoader run() { + return new AggregatedClassLoader( orderedClassLoaderSet ); + } + }); } /** From 5d49dfff68394140281a0855ef10a52c70e61f93 Mon Sep 17 00:00:00 2001 From: Chris Cranford Date: Wed, 11 Jul 2018 13:01:51 -0400 Subject: [PATCH 2/4] HHH-12542 - Add necessary privileged action blocks for SecurityManager used on WildFly. (cherry picked from commit d24685de6776d5df9eb7cdb08bbb96c1ca40c60c) --- .../boot/cfgxml/internal/ConfigLoader.java | 49 ++++--- .../boot/jaxb/internal/AbstractBinder.java | 16 ++- .../internal/ClassLoaderServiceImpl.java | 132 ++++++++++------- .../hibernate/internal/util/ConfigHelper.java | 49 ++++--- .../internal/util/ReflectHelper.java | 135 +++++++++++++----- .../tuple/entity/PojoEntityTuplizer.java | 55 ++++--- .../jpa/CallbackBuilderLegacyImpl.java | 17 ++- .../internal/metamodel/MetadataContext.java | 29 +++- .../reader/AuditedPropertiesReader.java | 31 +++- 9 files changed, 349 insertions(+), 164 deletions(-) diff --git a/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java b/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java index ab094f769bc8..f911c09af350 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java @@ -12,6 +12,8 @@ import java.io.IOException; import java.io.InputStream; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Properties; import org.hibernate.boot.cfgxml.spi.LoadedConfig; @@ -47,28 +49,35 @@ public ConfigLoader(BootstrapServiceRegistry bootstrapServiceRegistry) { this.bootstrapServiceRegistry = bootstrapServiceRegistry; } - public LoadedConfig loadConfigXmlResource(String cfgXmlResourceName) { - final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName ); - if ( stream == null ) { - throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" ); - } - - try { - final JaxbCfgHibernateConfiguration jaxbCfg = jaxbProcessorHolder.getValue().unmarshal( - stream, - new Origin( SourceType.RESOURCE, cfgXmlResourceName ) - ); + public LoadedConfig loadConfigXmlResource(final String cfgXmlResourceName) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public JaxbCfgHibernateConfiguration run() { + final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName ); + if ( stream == null ) { + throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" ); + } - return LoadedConfig.consume( jaxbCfg ); - } - finally { - try { - stream.close(); - } - catch (IOException e) { - log.debug( "Unable to close cfg.xml resource stream", e ); + try { + return jaxbProcessorHolder.getValue().unmarshal( + stream, + new Origin( SourceType.RESOURCE, cfgXmlResourceName ) + ); + } + finally { + try { + stream.close(); + } + catch ( IOException e ) { + log.debug( "Unable to close cfg.xml resource stream", e ); + } + } } - } + }; + + return LoadedConfig.consume( + System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run() + ); } public LoadedConfig loadConfigXmlFile(File cfgXmlFile) { diff --git a/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java b/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java index 79ef80e06089..c9023fd619f0 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java @@ -7,6 +7,9 @@ package org.hibernate.boot.jaxb.internal; import java.io.InputStream; +import java.security.AccessController; +import java.security.PrivilegedAction; + import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; @@ -96,10 +99,17 @@ protected XMLEventReader createReader(Source source, Origin origin) { } } - private Binding doBind(XMLEventReader eventReader, Origin origin) { + private Binding doBind(final XMLEventReader eventReader, final Origin origin) { try { - final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin ); - return doBind( eventReader, rootElementStartEvent, origin ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Binding run() { + final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin ); + return doBind( eventReader, rootElementStartEvent, origin ); + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } finally { try { diff --git a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java index fa18b904f6a1..91d5eabd7021 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java @@ -93,11 +93,16 @@ public ClassLoaderServiceImpl(Collection providedClassLoaders) { } // now build the aggregated class loader... - this.aggregatedClassLoader = AccessController.doPrivileged(new PrivilegedAction() { + final PrivilegedAction action = new PrivilegedAction() { + @Override public AggregatedClassLoader run() { return new AggregatedClassLoader( orderedClassLoaderSet ); } - }); + }; + + this.aggregatedClassLoader = System.getSecurityManager() != null + ? AccessController.doPrivileged( action ) + : action.run(); } /** @@ -227,50 +232,63 @@ protected Class findClass(String name) throws ClassNotFoundException { @Override @SuppressWarnings({"unchecked"}) - public Class classForName(String className) { - try { - return (Class) Class.forName( className, true, getAggregatedClassLoader() ); - } - catch (Exception e) { - throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); - } - catch (LinkageError e) { - throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); - } + public Class classForName(final String className) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Class run() { + try { + return (Class) Class.forName( className, true, getAggregatedClassLoader() ); + } + catch (Exception e) { + throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); + } + catch (LinkageError e) { + throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override - public URL locateResource(String name) { - // first we try name as a URL - try { - return new URL( name ); - } - catch (Exception ignore) { - } - - try { - final URL url = getAggregatedClassLoader().getResource( name ); - if ( url != null ) { - return url; - } - } - catch (Exception ignore) { - } + public URL locateResource(final String name) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public URL run() { + try { + return new URL( name ); + } + catch (Exception ignore) { + } - if ( name.startsWith( "/" ) ) { - name = name.substring( 1 ); + try { + final URL url = getAggregatedClassLoader().getResource( name ); + if ( url != null ) { + return url; + } + } + catch (Exception ignore) { + } - try { - final URL url = getAggregatedClassLoader().getResource( name ); - if ( url != null ) { - return url; + if ( name.startsWith( "/" ) ) { + final String resourceName = name.substring( 1 ); + + try { + final URL url = getAggregatedClassLoader().getResource( resourceName ); + if ( url != null ) { + return url; + } + } + catch (Exception ignore) { + } } + + return null; } - catch (Exception ignore) { - } - } + }; - return null; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override @@ -336,17 +354,23 @@ public List locateResources(String name) { @Override @SuppressWarnings("unchecked") - public Collection loadJavaServices(Class serviceContract) { - ServiceLoader serviceLoader = serviceLoaders.get( serviceContract ); - if ( serviceLoader == null ) { - serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() ); - serviceLoaders.put( serviceContract, serviceLoader ); - } - final LinkedHashSet services = new LinkedHashSet(); - for ( S service : serviceLoader ) { - services.add( service ); - } - return services; + public Collection loadJavaServices(final Class serviceContract) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Collection run() { + ServiceLoader serviceLoader = serviceLoaders.get( serviceContract ); + if ( serviceLoader == null ) { + serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() ); + serviceLoaders.put( serviceContract, serviceLoader ); + } + final LinkedHashSet services = new LinkedHashSet(); + for ( S service : serviceLoader ) { + services.add( service ); + } + return services; + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override @@ -360,8 +384,14 @@ public T generateProxy(InvocationHandler handler, Class... interfaces) { } @Override - public T workWithClassLoader(Work work) { - return work.doWork( getAggregatedClassLoader() ); + public T workWithClassLoader(final Work work) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public T run() { + return work.doWork( getAggregatedClassLoader() ); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } private ClassLoader getAggregatedClassLoader() { diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java index f87581521cb8..70115c6b175f 100644 --- a/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java @@ -10,6 +10,8 @@ import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import org.hibernate.HibernateException; import org.hibernate.cfg.Environment; @@ -112,29 +114,34 @@ public static InputStream getConfigStream(final String path) throws HibernateExc private ConfigHelper() { } - public static InputStream getResourceAsStream(String resource) { - String stripped = resource.startsWith( "/" ) - ? resource.substring( 1 ) - : resource; - - InputStream stream = null; - ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); - if ( classLoader != null ) { - stream = classLoader.getResourceAsStream( stripped ); - } - if ( stream == null ) { - stream = Environment.class.getResourceAsStream( resource ); - } - if ( stream == null ) { - stream = Environment.class.getClassLoader().getResourceAsStream( stripped ); - } - if ( stream == null ) { - throw new HibernateException( resource + " not found" ); - } - return stream; + public static InputStream getResourceAsStream(final String resource) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public InputStream run() { + String stripped = resource.startsWith( "/" ) + ? resource.substring( 1 ) + : resource; + + InputStream stream = null; + ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); + if ( classLoader != null ) { + stream = classLoader.getResourceAsStream( stripped ); + } + if ( stream == null ) { + stream = Environment.class.getResourceAsStream( resource ); + } + if ( stream == null ) { + stream = Environment.class.getClassLoader().getResourceAsStream( stripped ); + } + if ( stream == null ) { + throw new HibernateException( resource + " not found" ); + } + return stream; + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } - public static InputStream getUserResourceAsStream(String resource) { boolean hasLeadingSlash = resource.startsWith( "/" ); String stripped = hasLeadingSlash ? resource.substring( 1 ) : resource; diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java index 3d16239db179..57cc35339cd9 100644 --- a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java @@ -7,11 +7,14 @@ package org.hibernate.internal.util; import java.beans.Introspector; +import java.lang.reflect.AccessibleObject; import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.Member; import java.lang.reflect.Method; import java.lang.reflect.Modifier; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Locale; import java.util.regex.Pattern; @@ -231,8 +234,15 @@ public static Class reflectedPropertyClass(Class clazz, String name) throws Mapp return getter( clazz, name ).getReturnType(); } - private static Getter getter(Class clazz, String name) throws MappingException { - return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter(); + private static Getter getter(final Class clazz, final String name) throws MappingException { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Getter run() { + return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter(); + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } public static Object getConstantValue(String name, SessionFactoryImplementor factory) { @@ -264,21 +274,28 @@ public static Object getConstantValue(String name, SessionFactoryImplementor fac * @return The default constructor. * @throws PropertyNotFoundException Indicates there was not publicly accessible, no-arg constructor (todo : why PropertyNotFoundException???) */ - public static Constructor getDefaultConstructor(Class clazz) throws PropertyNotFoundException { + public static Constructor getDefaultConstructor(final Class clazz) throws PropertyNotFoundException { if ( isAbstractClass( clazz ) ) { return null; } - try { - Constructor constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE ); - constructor.setAccessible( true ); - return constructor; - } - catch ( NoSuchMethodException nme ) { - throw new PropertyNotFoundException( - "Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor" - ); - } + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Constructor run() { + try { + Constructor constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE ); + ensureAccessibility( constructor ); + return constructor; + } + catch (NoSuchMethodException e) { + throw new PropertyNotFoundException( + "Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor" + ); + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } /** @@ -344,16 +361,23 @@ public static Constructor getConstructor(Class clazz, Type[] types) throws Prope } - public static Method getMethod(Class clazz, Method method) { - try { - return clazz.getMethod( method.getName(), method.getParameterTypes() ); - } - catch (Exception e) { - return null; - } + public static Method getMethod(final Class clazz, final Method method) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method run() { + try { + return clazz.getMethod( method.getName(), method.getParameterTypes() ); + } + catch (Exception e){ + return null; + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } - public static Field findField(Class containerClass, String propertyName) { + public static Field findField(final Class containerClass, final String propertyName) { if ( containerClass == null ) { throw new IllegalArgumentException( "Class on which to find field [" + propertyName + "] cannot be null" ); } @@ -361,8 +385,14 @@ else if ( containerClass == Object.class ) { throw new IllegalArgumentException( "Illegal attempt to locate field [" + propertyName + "] on Object.class" ); } - Field field = locateField( containerClass, propertyName ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Field run() { + return locateField( containerClass, propertyName ); + } + }; + final Field field = System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); if ( field == null ) { throw new PropertyNotFoundException( String.format( @@ -378,6 +408,25 @@ else if ( containerClass == Object.class ) { return field; } + public static void ensureAccessibility(final AccessibleObject accessibleObject) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Object run() { + if ( !accessibleObject.isAccessible() ) { + accessibleObject.setAccessible( true ); + } + return null; + } + }; + + if ( System.getSecurityManager() != null ) { + AccessController.doPrivileged( action ); + } + else { + action.run(); + } + } + private static Field locateField(Class clazz, String propertyName) { if ( clazz == null || Object.class.equals( clazz ) ) { return null; @@ -431,7 +480,7 @@ public static Method findGetterMethod(Class containerClass, String propertyName) } private static Method getGetterOrNull(Class containerClass, String propertyName) { - for ( Method method : containerClass.getDeclaredMethods() ) { + for ( Method method : getDeclaredMethods( containerClass ) ) { // if the method has parameters, skip it if ( method.getParameterTypes().length != 0 ) { continue; @@ -474,15 +523,37 @@ private static void verifyNoIsVariantExists( String propertyName, Method getMethod, String stemName) { - // verify that the Class does not also define a method with the same stem name with 'is' - try { - final Method isMethod = containerClass.getDeclaredMethod( "is" + stemName ); + final Method isMethod = getDeclaredMethod( containerClass, "is" + stemName ); + if ( isMethod != null ) { // No such method should throw the caught exception. So if we get here, there was // such a method. checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod ); } - catch (NoSuchMethodException ignore) { - } + } + + private static Method getDeclaredMethod(final Class containerClass, final String methodName) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method run() { + try { + return containerClass.getDeclaredMethod( methodName ); + } + catch (NoSuchMethodException ignore) { + return null; + } + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } + + private static Method[] getDeclaredMethods(final Class containerClass) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method[] run() { + return containerClass.getDeclaredMethods(); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } private static void checkGetAndIsVariants( @@ -513,14 +584,12 @@ private static void verifyNoGetVariantExists( Method isMethod, String stemName) { // verify that the Class does not also define a method with the same stem name with 'is' - try { - final Method getMethod = containerClass.getDeclaredMethod( "get" + stemName ); + final Method getMethod = getDeclaredMethod( containerClass, "get" + stemName ); + if ( getMethod != null ) { // No such method should throw the caught exception. So if we get here, there was // such a method. checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod ); } - catch (NoSuchMethodException ignore) { - } } public static Method findSetterMethod(Class containerClass, String propertyName, Class propertyType) { @@ -565,7 +634,7 @@ public static Method findSetterMethod(Class containerClass, String propertyName, private static Method setterOrNull(Class theClass, String propertyName, Class propertyType) { Method potentialSetter = null; - for ( Method method : theClass.getDeclaredMethods() ) { + for ( Method method : getDeclaredMethods( theClass ) ) { final String methodName = method.getName(); if ( method.getParameterTypes().length == 1 && methodName.startsWith( "set" ) ) { final String testOldMethod = methodName.substring( 3 ); diff --git a/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java b/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java index 7424651be4fc..fe308aa71c9d 100644 --- a/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java +++ b/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java @@ -8,6 +8,8 @@ import java.lang.reflect.Method; import java.lang.reflect.Modifier; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Iterator; import java.util.Map; import java.util.Set; @@ -90,7 +92,7 @@ public PojoEntityTuplizer(EntityMetamodel entityMetamodel, PersistentClass mappe } @Override - protected ProxyFactory buildProxyFactory(PersistentClass persistentClass, Getter idGetter, Setter idSetter) { + protected ProxyFactory buildProxyFactory(final PersistentClass persistentClass, final Getter idGetter, final Setter idSetter) { // determine the id getter and setter methods from the proxy interface (if any) // determine all interfaces needed by the resulting proxy @@ -100,9 +102,9 @@ protected ProxyFactory buildProxyFactory(PersistentClass persistentClass, Getter * should be the last one in the order (on JBossAS7 its class-loader will be org.hibernate module's class- * loader, which will not see the classes inside deployed apps. See HHH-3078 */ - Set proxyInterfaces = new java.util.LinkedHashSet(); + final Set proxyInterfaces = new java.util.LinkedHashSet(); - Class mappedClass = persistentClass.getMappedClass(); + final Class mappedClass = persistentClass.getMappedClass(); Class proxyInterface = persistentClass.getProxyInterface(); if ( proxyInterface != null && !mappedClass.equals( proxyInterface ) ) { @@ -152,31 +154,38 @@ protected ProxyFactory buildProxyFactory(PersistentClass persistentClass, Getter Method idGetterMethod = idGetter == null ? null : idGetter.getMethod(); Method idSetterMethod = idSetter == null ? null : idSetter.getMethod(); - Method proxyGetIdentifierMethod = idGetterMethod == null || proxyInterface == null ? + final Method proxyGetIdentifierMethod = idGetterMethod == null || proxyInterface == null ? null : ReflectHelper.getMethod( proxyInterface, idGetterMethod ); - Method proxySetIdentifierMethod = idSetterMethod == null || proxyInterface == null ? + final Method proxySetIdentifierMethod = idSetterMethod == null || proxyInterface == null ? null : ReflectHelper.getMethod( proxyInterface, idSetterMethod ); - ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter ); - try { - pf.postInstantiate( - getEntityName(), - mappedClass, - proxyInterfaces, - proxyGetIdentifierMethod, - proxySetIdentifierMethod, - persistentClass.hasEmbeddedIdentifier() ? - (CompositeType) persistentClass.getIdentifier().getType() : - null - ); - } - catch (HibernateException he) { - LOG.unableToCreateProxyFactory( getEntityName(), he ); - pf = null; - } - return pf; + final PrivilegedAction action = new PrivilegedAction() { + @Override + public ProxyFactory run() { + ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter ); + try { + pf.postInstantiate( + getEntityName(), + mappedClass, + proxyInterfaces, + proxyGetIdentifierMethod, + proxySetIdentifierMethod, + persistentClass.hasEmbeddedIdentifier() ? + (CompositeType) persistentClass.getIdentifier().getType() : + null + ); + } + catch (HibernateException he) { + LOG.unableToCreateProxyFactory( getEntityName(), he ); + pf = null; + } + return pf; + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } protected ProxyFactory buildProxyFactoryInternal( diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java index fe3a8007c24d..cc716092f669 100644 --- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java +++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java @@ -10,6 +10,8 @@ import java.lang.annotation.ElementType; import java.lang.annotation.Target; import java.lang.reflect.Method; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.List; import javax.persistence.Entity; @@ -89,7 +91,7 @@ public Callback[] resolveCallbacks(XClass beanClass, CallbackType callbackType, boolean stopDefaultListeners = false; do { Callback callback = null; - List methods = currentClazz.getDeclaredMethods(); + List methods = getDeclaredMethods( currentClazz ); for ( final XMethod xMethod : methods ) { if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) { Method method = reflectionManager.toMethod( xMethod ); @@ -158,7 +160,7 @@ public Callback[] resolveCallbacks(XClass beanClass, CallbackType callbackType, if ( listener != null ) { XClass xListener = reflectionManager.toXClass( listener ); callbacksMethodNames = new ArrayList(); - List methods = xListener.getDeclaredMethods(); + List methods = getDeclaredMethods( xListener ); for ( final XMethod xMethod : methods ) { if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) { final Method method = reflectionManager.toMethod( xMethod ); @@ -245,4 +247,15 @@ private static void getListeners(XClass currentClazz, List orderedListene } } } + + private static List getDeclaredMethods(final XClass clazz) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public List run() { + return clazz.getDeclaredMethods(); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } + } diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java index 25e4f6eddef6..d8f66e1b3d3e 100755 --- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java +++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java @@ -7,6 +7,8 @@ package org.hibernate.jpa.internal.metamodel; import java.lang.reflect.Field; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -348,20 +350,33 @@ private void applyVersionAttribute(MappedSuperclass mappingType, MappedSuper return attributes; } - private void populateStaticMetamodel(AbstractManagedType managedType) { + private void populateStaticMetamodel(final AbstractManagedType managedType) { final Class managedTypeClass = managedType.getJavaType(); if ( managedTypeClass == null ) { // should indicate MAP entity mode, skip... return; } final String metamodelClassName = managedTypeClass.getName() + "_"; - try { - final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() ); - // we found the class; so populate it... - registerAttributes( metamodelClass, managedType ); + + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Object run() { + try { + final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() ); + // we found the class; so populate it... + registerAttributes( metamodelClass, managedType ); + } + catch (ClassNotFoundException ignore) { + // nothing to do... + } + return null; + } + }; + if ( System.getSecurityManager() != null ) { + AccessController.doPrivileged( action ); } - catch (ClassNotFoundException ignore) { - // nothing to do... + else { + action.run(); } // todo : this does not account for @MappeSuperclass, mainly because this is not being tracked in our diff --git a/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java b/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java index 4700d270f4ea..e96b14b2ee58 100644 --- a/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java +++ b/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java @@ -7,6 +7,8 @@ package org.hibernate.envers.configuration.internal.metadata.reader; import java.lang.annotation.Annotation; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Arrays; import java.util.Collections; import java.util.Iterator; @@ -335,31 +337,52 @@ private void addPropertiesFromDynamicComponent(DynamicComponentSource dynamicCom * * @param clazz Currently processed class. */ - private void addPropertiesFromClass(XClass clazz) { + private void addPropertiesFromClass(final XClass clazz) { final Audited allClassAudited = computeAuditConfiguration( clazz ); //look in the class addFromProperties( - clazz.getDeclaredProperties( "field" ), + getPropertiesFromClassByType( clazz, AccessType.FIELD ), "field", fieldAccessedPersistentProperties, allClassAudited ); + addFromProperties( - clazz.getDeclaredProperties( "property" ), + getPropertiesFromClassByType( clazz, AccessType.PROPERTY ), "property", propertyAccessedPersistentProperties, allClassAudited ); if ( allClassAudited != null || !auditedPropertiesHolder.isEmpty() ) { - final XClass superclazz = clazz.getSuperclass(); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public XClass run() { + return clazz.getSuperclass(); + } + }; + + final XClass superclazz = System.getSecurityManager() != null + ? AccessController.doPrivileged( action ) + : action.run(); + if ( !clazz.isInterface() && !"java.lang.Object".equals( superclazz.getName() ) ) { addPropertiesFromClass( superclazz ); } } } + private Iterable getPropertiesFromClassByType(final XClass clazz, final AccessType accessType) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Iterable run() { + return clazz.getDeclaredProperties( accessType.getType() ); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } + private void addFromProperties( Iterable properties, String accessType, From 482fe3a35fd396de28c3bfa79c15d87704855220 Mon Sep 17 00:00:00 2001 From: Gail Badner Date: Sat, 25 Aug 2018 16:59:55 -0700 Subject: [PATCH 3/4] HHH-12542 : Get TCCL and system ClassLoader in ProtectedAction --- .../internal/ClassLoaderServiceImpl.java | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java index 91d5eabd7021..7076488a97db 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java @@ -81,21 +81,20 @@ public ClassLoaderServiceImpl(Collection providedClassLoaders) { // then the Hibernate class loader orderedClassLoaderSet.add( ClassLoaderServiceImpl.class.getClassLoader() ); - // then the TCCL, if one... - final ClassLoader tccl = locateTCCL(); - if ( tccl != null ) { - orderedClassLoaderSet.add( tccl ); - } - // finally the system classloader - final ClassLoader sysClassLoader = locateSystemClassLoader(); - if ( sysClassLoader != null ) { - orderedClassLoaderSet.add( sysClassLoader ); - } - // now build the aggregated class loader... final PrivilegedAction action = new PrivilegedAction() { @Override public AggregatedClassLoader run() { + // then the TCCL, if one... + final ClassLoader tccl = locateTCCL(); + if ( tccl != null ) { + orderedClassLoaderSet.add( tccl ); + } + // finally the system classloader + final ClassLoader sysClassLoader = locateSystemClassLoader(); + if ( sysClassLoader != null ) { + orderedClassLoaderSet.add( sysClassLoader ); + } return new AggregatedClassLoader( orderedClassLoaderSet ); } }; From ffa12f2b00ceb935d11e051b746dbbe2e949b8b1 Mon Sep 17 00:00:00 2001 From: Steve Ebersole Date: Wed, 27 Dec 2017 09:53:07 -0600 Subject: [PATCH 4/4] HHH-12189 - Only call setAccessible() when member is not accessible (cherry picked from commit 300fa800161c6a11614bdad812fa2d8b659e730e) --- .../org/hibernate/cfg/annotations/HCANNHelper.java | 1 + .../cfg/beanvalidation/BeanValidationIntegrator.java | 1 - .../org/hibernate/internal/util/ReflectHelper.java | 11 +++++++---- .../access/internal/AbstractFieldSerialForm.java | 3 ++- .../property/access/spi/GetterMethodImpl.java | 3 ++- .../property/access/spi/SetterMethodImpl.java | 3 ++- .../tuple/component/ComponentTuplizerFactory.java | 2 +- .../hibernate/tuple/entity/EntityTuplizerFactory.java | 2 +- .../cache/ehcache/management/impl/BeanUtils.java | 4 +++- .../impl/ProviderMBeanRegistrationHelper.java | 3 +++ .../event/internal/jpa/CallbackBuilderLegacyImpl.java | 7 +++---- .../jpa/internal/metamodel/MetadataContext.java | 3 ++- .../jpa/internal/util/PersistenceUtilHelper.java | 5 +++-- .../bytecode/enhancement/EnhancerTestUtils.java | 3 ++- 14 files changed, 32 insertions(+), 19 deletions(-) diff --git a/hibernate-core/src/main/java/org/hibernate/cfg/annotations/HCANNHelper.java b/hibernate-core/src/main/java/org/hibernate/cfg/annotations/HCANNHelper.java index c2c4ca737cd0..4e872f4c3bd2 100644 --- a/hibernate-core/src/main/java/org/hibernate/cfg/annotations/HCANNHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/cfg/annotations/HCANNHelper.java @@ -28,6 +28,7 @@ public class HCANNHelper { final Class javaXMemberClass = JavaXMember.class; try { getMemberMethod = javaXMemberClass.getDeclaredMethod( "getMember" ); + // NOTE : no need to check accessibility here - we know it is protected getMemberMethod.setAccessible( true ); } catch (NoSuchMethodException e) { diff --git a/hibernate-core/src/main/java/org/hibernate/cfg/beanvalidation/BeanValidationIntegrator.java b/hibernate-core/src/main/java/org/hibernate/cfg/beanvalidation/BeanValidationIntegrator.java index 2d12fc898d92..94dcbe2e2e52 100644 --- a/hibernate-core/src/main/java/org/hibernate/cfg/beanvalidation/BeanValidationIntegrator.java +++ b/hibernate-core/src/main/java/org/hibernate/cfg/beanvalidation/BeanValidationIntegrator.java @@ -52,7 +52,6 @@ public static void validateFactory(Object object) { final Class activatorClass = BeanValidationIntegrator.class.getClassLoader().loadClass( ACTIVATOR_CLASS_NAME ); try { final Method validateMethod = activatorClass.getMethod( VALIDATE_SUPPLIED_FACTORY_METHOD_NAME, Object.class ); - validateMethod.setAccessible( true ); try { validateMethod.invoke( null, object ); } diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java index 57cc35339cd9..ecd09c7e12a2 100644 --- a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java @@ -348,7 +348,7 @@ public static Constructor getConstructor(Class clazz, Type[] types) throws Prope } if ( found ) { numberOfMatchingConstructors ++; - candidate.setAccessible( true ); + ensureAccessibility( candidate ); constructor = candidate; } } @@ -404,7 +404,8 @@ public Field run() { ); } - field.setAccessible( true ); + ensureAccessibility( field ); + return field; } @@ -475,7 +476,8 @@ public static Method findGetterMethod(Class containerClass, String propertyName) ); } - getter.setAccessible( true ); + ensureAccessibility( getter ); + return getter; } @@ -627,7 +629,8 @@ public static Method findSetterMethod(Class containerClass, String propertyName, ); } - setter.setAccessible( true ); + ensureAccessibility( setter ); + return setter; } diff --git a/hibernate-core/src/main/java/org/hibernate/property/access/internal/AbstractFieldSerialForm.java b/hibernate-core/src/main/java/org/hibernate/property/access/internal/AbstractFieldSerialForm.java index 3e185964abc7..ea9bfd5566e2 100644 --- a/hibernate-core/src/main/java/org/hibernate/property/access/internal/AbstractFieldSerialForm.java +++ b/hibernate-core/src/main/java/org/hibernate/property/access/internal/AbstractFieldSerialForm.java @@ -9,6 +9,7 @@ import java.io.Serializable; import java.lang.reflect.Field; +import org.hibernate.internal.util.ReflectHelper; import org.hibernate.property.access.spi.PropertyAccessSerializationException; /** @@ -32,7 +33,7 @@ protected AbstractFieldSerialForm(Class declaringClass, String fieldName) { protected Field resolveField() { try { final Field field = declaringClass.getDeclaredField( fieldName ); - field.setAccessible( true ); + ReflectHelper.ensureAccessibility( field ); return field; } catch (NoSuchFieldException e) { diff --git a/hibernate-core/src/main/java/org/hibernate/property/access/spi/GetterMethodImpl.java b/hibernate-core/src/main/java/org/hibernate/property/access/spi/GetterMethodImpl.java index 80730f825f84..8f6e8fdb0c00 100644 --- a/hibernate-core/src/main/java/org/hibernate/property/access/spi/GetterMethodImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/property/access/spi/GetterMethodImpl.java @@ -16,6 +16,7 @@ import org.hibernate.PropertyAccessException; import org.hibernate.engine.spi.SessionImplementor; import org.hibernate.internal.CoreMessageLogger; +import org.hibernate.internal.util.ReflectHelper; import static org.hibernate.internal.CoreLogging.messageLogger; @@ -122,7 +123,7 @@ private Object readResolve() { private Method resolveMethod() { try { final Method method = declaringClass.getDeclaredMethod( methodName ); - method.setAccessible( true ); + ReflectHelper.ensureAccessibility( method ); return method; } catch (NoSuchMethodException e) { diff --git a/hibernate-core/src/main/java/org/hibernate/property/access/spi/SetterMethodImpl.java b/hibernate-core/src/main/java/org/hibernate/property/access/spi/SetterMethodImpl.java index 942062878e66..9dce49e7eb5b 100644 --- a/hibernate-core/src/main/java/org/hibernate/property/access/spi/SetterMethodImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/property/access/spi/SetterMethodImpl.java @@ -15,6 +15,7 @@ import org.hibernate.PropertySetterAccessException; import org.hibernate.engine.spi.SessionFactoryImplementor; import org.hibernate.internal.CoreMessageLogger; +import org.hibernate.internal.util.ReflectHelper; import static org.hibernate.internal.CoreLogging.messageLogger; @@ -146,7 +147,7 @@ private Object readResolve() { private Method resolveMethod() { try { final Method method = declaringClass.getDeclaredMethod( methodName, argumentType ); - method.setAccessible( true ); + ReflectHelper.ensureAccessibility( method ); return method; } catch (NoSuchMethodException e) { diff --git a/hibernate-core/src/main/java/org/hibernate/tuple/component/ComponentTuplizerFactory.java b/hibernate-core/src/main/java/org/hibernate/tuple/component/ComponentTuplizerFactory.java index 2f5845996049..eccdb11352ca 100644 --- a/hibernate-core/src/main/java/org/hibernate/tuple/component/ComponentTuplizerFactory.java +++ b/hibernate-core/src/main/java/org/hibernate/tuple/component/ComponentTuplizerFactory.java @@ -134,7 +134,7 @@ private Constructor getProperConstructor(Class getProperConstructor( try { constructor = clazz.getDeclaredConstructor( constructorArgs ); try { - constructor.setAccessible( true ); + ReflectHelper.ensureAccessibility( constructor ); } catch ( SecurityException e ) { constructor = null; diff --git a/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/BeanUtils.java b/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/BeanUtils.java index 172027d50d85..e65f1c66c1d0 100644 --- a/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/BeanUtils.java +++ b/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/BeanUtils.java @@ -10,6 +10,8 @@ import java.lang.reflect.Field; import java.lang.reflect.Method; +import org.hibernate.internal.util.ReflectHelper; + /** * Reflective utilities for dealing with backward-incompatible change to statistics types in Hibernate 3.5. * @@ -85,7 +87,7 @@ public static Object getBeanProperty(Object bean, String propertyName) { final Field field = getField( bean, propertyName ); if ( field != null ) { try { - field.setAccessible( true ); + ReflectHelper.ensureAccessibility( field ); return field.get( bean ); } catch (Exception e) { diff --git a/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/ProviderMBeanRegistrationHelper.java b/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/ProviderMBeanRegistrationHelper.java index 167a18cef05b..be4f91fc5a31 100644 --- a/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/ProviderMBeanRegistrationHelper.java +++ b/hibernate-ehcache/src/main/java/org/hibernate/cache/ehcache/management/impl/ProviderMBeanRegistrationHelper.java @@ -19,6 +19,7 @@ import org.hibernate.cache.ehcache.EhCacheMessageLogger; import org.hibernate.cfg.Environment; import org.hibernate.internal.SessionFactoryRegistry; +import org.hibernate.internal.util.ReflectHelper; import org.jboss.logging.Logger; @@ -128,6 +129,7 @@ private SessionFactory locateSessionFactory() { try { final Class factoryType = SessionFactoryRegistry.class; final Field instancesField = getField( factoryType, "sessionFactoryMap" ); + // NOTE : no need to check accessibility here - we know it is private instancesField.setAccessible( true ); final Map map = (Map) instancesField.get( SessionFactoryRegistry.INSTANCE ); if ( map == null ) { @@ -138,6 +140,7 @@ private SessionFactory locateSessionFactory() { final Class sessionFactoryType = sessionFactory.getClass(); final Field propertiesField = getField( sessionFactoryType, "properties" ); if ( propertiesField != null ) { + // NOTE : no need to check accessibility here - we know it is private propertiesField.setAccessible( true ); final Properties props = (Properties) propertiesField.get( sessionFactory ); if ( props != null && props.equals( properties ) ) { diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java index cc716092f669..36f3e8424cc2 100644 --- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java +++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/event/internal/jpa/CallbackBuilderLegacyImpl.java @@ -26,6 +26,7 @@ import org.hibernate.annotations.common.reflection.ReflectionManager; import org.hibernate.annotations.common.reflection.XClass; import org.hibernate.annotations.common.reflection.XMethod; +import org.hibernate.internal.util.ReflectHelper; import org.hibernate.jpa.event.spi.jpa.Callback; import org.hibernate.jpa.event.spi.jpa.CallbackType; import org.hibernate.jpa.event.spi.jpa.CallbackBuilder; @@ -108,7 +109,7 @@ public Callback[] resolveCallbacks(XClass beanClass, CallbackType callbackType, + callbackType.getCallbackAnnotation().getName() + " - " + xMethod ); } - method.setAccessible( true ); + ReflectHelper.ensureAccessibility( method ); log.debugf( "Adding %s as %s callback for entity %s", methodName, @@ -182,9 +183,7 @@ public Callback[] resolveCallbacks(XClass beanClass, CallbackType callbackType, + callbackType.getCallbackAnnotation().getName() + " - " + method ); } - if ( !method.isAccessible() ) { - method.setAccessible( true ); - } + ReflectHelper.ensureAccessibility( method ); log.debugf( "Adding %s as %s callback for entity %s", methodName, diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java index d8f66e1b3d3e..e56e0a8eb531 100755 --- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java +++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/metamodel/MetadataContext.java @@ -25,6 +25,7 @@ import org.hibernate.annotations.common.AssertionFailure; import org.hibernate.engine.spi.SessionFactoryImplementor; +import org.hibernate.internal.util.ReflectHelper; import org.hibernate.internal.util.collections.CollectionHelper; import org.hibernate.jpa.internal.EntityManagerMessageLogger; import org.hibernate.mapping.Component; @@ -439,7 +440,7 @@ private void registerAttribute(Class metamodelClass, Attribute attribu : metamodelClass.getDeclaredField( name ); try { // should be public anyway, but to be sure... - field.setAccessible( true ); + ReflectHelper.ensureAccessibility( field ); field.set( null, attribute ); } catch (IllegalAccessException e) { diff --git a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/util/PersistenceUtilHelper.java b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/util/PersistenceUtilHelper.java index 04f1791044a7..436747bc5539 100644 --- a/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/util/PersistenceUtilHelper.java +++ b/hibernate-entitymanager/src/main/java/org/hibernate/jpa/internal/util/PersistenceUtilHelper.java @@ -23,6 +23,7 @@ import org.hibernate.bytecode.enhance.spi.interceptor.LazyAttributeLoadingInterceptor; import org.hibernate.collection.spi.PersistentCollection; import org.hibernate.engine.spi.PersistentAttributeInterceptable; +import org.hibernate.internal.util.ReflectHelper; import org.hibernate.proxy.HibernateProxy; import org.hibernate.proxy.LazyInitializer; @@ -242,7 +243,7 @@ public static class FieldAttributeAccess implements AttributeAccess { public FieldAttributeAccess(Field field) { this.name = field.getName(); try { - field.setAccessible( true ); + ReflectHelper.ensureAccessibility( field ); } catch (Exception e) { this.field = null; @@ -276,7 +277,7 @@ public static class MethodAttributeAccess implements AttributeAccess { public MethodAttributeAccess(String attributeName, Method method) { this.name = attributeName; try { - method.setAccessible( true ); + ReflectHelper.ensureAccessibility( method ); } catch (Exception e) { this.method = null; diff --git a/hibernate-testing/src/main/java/org/hibernate/testing/bytecode/enhancement/EnhancerTestUtils.java b/hibernate-testing/src/main/java/org/hibernate/testing/bytecode/enhancement/EnhancerTestUtils.java index 5377d4839fd4..4a760b4d8a7a 100644 --- a/hibernate-testing/src/main/java/org/hibernate/testing/bytecode/enhancement/EnhancerTestUtils.java +++ b/hibernate-testing/src/main/java/org/hibernate/testing/bytecode/enhancement/EnhancerTestUtils.java @@ -29,6 +29,7 @@ import org.hibernate.engine.spi.Status; import org.hibernate.internal.CoreLogging; import org.hibernate.internal.CoreMessageLogger; +import org.hibernate.internal.util.ReflectHelper; import org.hibernate.testing.junit4.BaseUnitTestCase; @@ -177,7 +178,7 @@ public Class loadClass(String name) throws ClassNotFoundException { public static Object getFieldByReflection(Object entity, String fieldName) { try { Field field = entity.getClass().getDeclaredField( fieldName ); - field.setAccessible( true ); + ReflectHelper.ensureAccessibility( field ); return field.get( entity ); } catch (NoSuchFieldException e) {