diff --git a/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java b/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java index ab094f769bc8..1485347c9f82 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java @@ -12,6 +12,8 @@ import java.io.IOException; import java.io.InputStream; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Properties; import org.hibernate.boot.cfgxml.spi.LoadedConfig; @@ -48,27 +50,34 @@ public ConfigLoader(BootstrapServiceRegistry bootstrapServiceRegistry) { } public LoadedConfig loadConfigXmlResource(String cfgXmlResourceName) { - final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName ); - if ( stream == null ) { - throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" ); - } - - try { - final JaxbCfgHibernateConfiguration jaxbCfg = jaxbProcessorHolder.getValue().unmarshal( - stream, - new Origin( SourceType.RESOURCE, cfgXmlResourceName ) - ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public JaxbCfgHibernateConfiguration run() { + final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName ); + if ( stream == null ) { + throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" ); + } - return LoadedConfig.consume( jaxbCfg ); - } - finally { - try { - stream.close(); - } - catch (IOException e) { - log.debug( "Unable to close cfg.xml resource stream", e ); + try { + return jaxbProcessorHolder.getValue().unmarshal( + stream, + new Origin( SourceType.RESOURCE, cfgXmlResourceName ) + ); + } + finally { + try { + stream.close(); + } + catch ( IOException e ) { + log.debug( "Unable to close cfg.xml resource stream", e ); + } + } } - } + }; + + return LoadedConfig.consume( + System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run() + ); } public LoadedConfig loadConfigXmlFile(File cfgXmlFile) { diff --git a/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java b/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java index 79ef80e06089..8f5ffd919d48 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java @@ -7,6 +7,9 @@ package org.hibernate.boot.jaxb.internal; import java.io.InputStream; +import java.security.AccessController; +import java.security.PrivilegedAction; + import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; @@ -98,8 +101,15 @@ protected XMLEventReader createReader(Source source, Origin origin) { private Binding doBind(XMLEventReader eventReader, Origin origin) { try { - final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin ); - return doBind( eventReader, rootElementStartEvent, origin ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Binding run() { + final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin ); + return doBind( eventReader, rootElementStartEvent, origin ); + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } finally { try { diff --git a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java index fd4deff3f3e5..c1f7fa3df1ca 100644 --- a/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java @@ -83,11 +83,16 @@ public ClassLoaderServiceImpl(Collection providedClassLoaders, Tccl orderedClassLoaderSet.add( ClassLoaderServiceImpl.class.getClassLoader() ); // now build the aggregated class loader... - this.aggregatedClassLoader = AccessController.doPrivileged( new PrivilegedAction() { + final PrivilegedAction action = new PrivilegedAction() { + @Override public AggregatedClassLoader run() { return new AggregatedClassLoader( orderedClassLoaderSet, lookupPrecedence ); } - } ); + }; + + this.aggregatedClassLoader = System.getSecurityManager() != null + ? AccessController.doPrivileged( action ) + : action.run(); } /** @@ -347,49 +352,62 @@ protected Class findClass(String name) throws ClassNotFoundException { @Override @SuppressWarnings({"unchecked"}) public Class classForName(String className) { - try { - return (Class) Class.forName( className, true, getAggregatedClassLoader() ); - } - catch (Exception e) { - throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); - } - catch (LinkageError e) { - throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); - } + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Class run() { + try { + return (Class) Class.forName( className, true, getAggregatedClassLoader() ); + } + catch (Exception e) { + throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); + } + catch (LinkageError e) { + throw new ClassLoadingException( "Unable to load class [" + className + "]", e ); + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override - public URL locateResource(String name) { - // first we try name as a URL - try { - return new URL( name ); - } - catch (Exception ignore) { - } + public URL locateResource(final String name) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public URL run() { + try { + return new URL( name ); + } + catch (Exception ignore) { + } - try { - final URL url = getAggregatedClassLoader().getResource( name ); - if ( url != null ) { - return url; - } - } - catch (Exception ignore) { - } + try { + final URL url = getAggregatedClassLoader().getResource( name ); + if ( url != null ) { + return url; + } + } + catch (Exception ignore) { + } - if ( name.startsWith( "/" ) ) { - name = name.substring( 1 ); + if ( name.startsWith( "/" ) ) { + final String resourceName = name.substring( 1 ); - try { - final URL url = getAggregatedClassLoader().getResource( name ); - if ( url != null ) { - return url; + try { + final URL url = getAggregatedClassLoader().getResource( resourceName ); + if ( url != null ) { + return url; + } + } + catch (Exception ignore) { + } } + + return null; } - catch (Exception ignore) { - } - } + }; - return null; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override @@ -456,16 +474,22 @@ public List locateResources(String name) { @Override @SuppressWarnings("unchecked") public Collection loadJavaServices(Class serviceContract) { - ServiceLoader serviceLoader = serviceLoaders.get( serviceContract ); - if ( serviceLoader == null ) { - serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() ); - serviceLoaders.put( serviceContract, serviceLoader ); - } - final LinkedHashSet services = new LinkedHashSet(); - for ( S service : serviceLoader ) { - services.add( service ); - } - return services; + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Collection run() { + ServiceLoader serviceLoader = serviceLoaders.get( serviceContract ); + if ( serviceLoader == null ) { + serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() ); + serviceLoaders.put( serviceContract, serviceLoader ); + } + final LinkedHashSet services = new LinkedHashSet(); + for ( S service : serviceLoader ) { + services.add( service ); + } + return services; + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } @Override @@ -480,7 +504,13 @@ public T generateProxy(InvocationHandler handler, Class... interfaces) { @Override public T workWithClassLoader(Work work) { - return work.doWork( getAggregatedClassLoader() ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public T run() { + return work.doWork( getAggregatedClassLoader() ); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } private ClassLoader getAggregatedClassLoader() { diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java index f87581521cb8..a3383bde8696 100644 --- a/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java @@ -10,6 +10,8 @@ import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import org.hibernate.HibernateException; import org.hibernate.cfg.Environment; @@ -113,28 +115,33 @@ private ConfigHelper() { } public static InputStream getResourceAsStream(String resource) { - String stripped = resource.startsWith( "/" ) - ? resource.substring( 1 ) - : resource; - - InputStream stream = null; - ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); - if ( classLoader != null ) { - stream = classLoader.getResourceAsStream( stripped ); - } - if ( stream == null ) { - stream = Environment.class.getResourceAsStream( resource ); - } - if ( stream == null ) { - stream = Environment.class.getClassLoader().getResourceAsStream( stripped ); - } - if ( stream == null ) { - throw new HibernateException( resource + " not found" ); - } - return stream; + final PrivilegedAction action = new PrivilegedAction() { + @Override + public InputStream run() { + String stripped = resource.startsWith( "/" ) + ? resource.substring( 1 ) + : resource; + + InputStream stream = null; + ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); + if ( classLoader != null ) { + stream = classLoader.getResourceAsStream( stripped ); + } + if ( stream == null ) { + stream = Environment.class.getResourceAsStream( resource ); + } + if ( stream == null ) { + stream = Environment.class.getClassLoader().getResourceAsStream( stripped ); + } + if ( stream == null ) { + throw new HibernateException( resource + " not found" ); + } + return stream; + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } - public static InputStream getUserResourceAsStream(String resource) { boolean hasLeadingSlash = resource.startsWith( "/" ); String stripped = hasLeadingSlash ? resource.substring( 1 ) : resource; diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java index 4fbff725c4bf..b192252ad542 100644 --- a/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java +++ b/hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java @@ -13,6 +13,8 @@ import java.lang.reflect.Member; import java.lang.reflect.Method; import java.lang.reflect.Modifier; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Locale; import java.util.regex.Pattern; import javax.persistence.Transient; @@ -235,7 +237,14 @@ public static Class reflectedPropertyClass(Class clazz, String name) throws Mapp } private static Getter getter(Class clazz, String name) throws MappingException { - return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter(); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Getter run() { + return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter(); + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } public static Object getConstantValue(String name, SessionFactoryImplementor factory) { @@ -272,16 +281,23 @@ public static Constructor getDefaultConstructor(Class clazz) throws Pr return null; } - try { - Constructor constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE ); - ensureAccessibility( constructor ); - return constructor; - } - catch ( NoSuchMethodException nme ) { - throw new PropertyNotFoundException( - "Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor" - ); - } + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Constructor run() { + try { + Constructor constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE ); + ensureAccessibility( constructor ); + return constructor; + } + catch (NoSuchMethodException e) { + throw new PropertyNotFoundException( + "Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor" + ); + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } /** @@ -348,12 +364,19 @@ public static Constructor getConstructor(Class clazz, Type[] types) throws Prope } public static Method getMethod(Class clazz, Method method) { - try { - return clazz.getMethod( method.getName(), method.getParameterTypes() ); - } - catch (Exception e) { - return null; - } + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method run() { + try { + return clazz.getMethod( method.getName(), method.getParameterTypes() ); + } + catch (Exception e){ + return null; + } + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } public static Field findField(Class containerClass, String propertyName) { @@ -364,8 +387,14 @@ else if ( containerClass == Object.class ) { throw new IllegalArgumentException( "Illegal attempt to locate field [" + propertyName + "] on Object.class" ); } - Field field = locateField( containerClass, propertyName ); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Field run() { + return locateField( containerClass, propertyName ); + } + }; + final Field field = System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); if ( field == null ) { throw new PropertyNotFoundException( String.format( @@ -383,11 +412,22 @@ else if ( containerClass == Object.class ) { } public static void ensureAccessibility(AccessibleObject accessibleObject) { - if ( accessibleObject.isAccessible() ) { - return; - } + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Object run() { + if ( !accessibleObject.isAccessible() ) { + accessibleObject.setAccessible( true ); + } + return null; + } + }; - accessibleObject.setAccessible( true ); + if ( System.getSecurityManager() != null ) { + AccessController.doPrivileged( action ); + } + else { + action.run(); + } } private static Field locateField(Class clazz, String propertyName) { @@ -462,7 +502,7 @@ private static Method getGetterOrNull(Class[] interfaces, String propertyName) { } private static Method getGetterOrNull(Class containerClass, String propertyName) { - for ( Method method : containerClass.getDeclaredMethods() ) { + for ( Method method : getDeclaredMethods( containerClass ) ) { // if the method has parameters, skip it if ( method.getParameterCount() != 0 ) { continue; @@ -513,17 +553,39 @@ private static void verifyNoIsVariantExists( String propertyName, Method getMethod, String stemName) { - // verify that the Class does not also define a method with the same stem name with 'is' - try { - final Method isMethod = containerClass.getDeclaredMethod( "is" + stemName ); + final Method isMethod = getDeclaredMethod( containerClass, "is" + stemName ); + if ( isMethod != null ) { if ( !Modifier.isStatic( isMethod.getModifiers() ) && isMethod.getAnnotation( Transient.class ) == null ) { // No such method should throw the caught exception. So if we get here, there was // such a method. checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod ); } } - catch (NoSuchMethodException ignore) { - } + } + + private static Method getDeclaredMethod(Class containerClass, String methodName) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method run() { + try { + return containerClass.getDeclaredMethod( methodName ); + } + catch (NoSuchMethodException ignore) { + return null; + } + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } + + private static Method[] getDeclaredMethods(Class containerClass) { + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Method[] run() { + return containerClass.getDeclaredMethods(); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } private static void checkGetAndIsVariants( @@ -554,16 +616,14 @@ private static void verifyNoGetVariantExists( Method isMethod, String stemName) { // verify that the Class does not also define a method with the same stem name with 'is' - try { - final Method getMethod = containerClass.getDeclaredMethod( "get" + stemName ); + final Method getMethod = getDeclaredMethod( containerClass, "get" + stemName ); + if ( getMethod != null ) { // No such method should throw the caught exception. So if we get here, there was // such a method. if ( !Modifier.isStatic( getMethod.getModifiers() ) && getMethod.getAnnotation( Transient.class ) == null ) { checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod ); } } - catch (NoSuchMethodException ignore) { - } } public static Method getterMethodOrNull(Class containerJavaType, String propertyName) { @@ -631,7 +691,7 @@ private static Method setterOrNull(Class[] interfaces, String propertyName, Clas private static Method setterOrNull(Class theClass, String propertyName, Class propertyType) { Method potentialSetter = null; - for ( Method method : theClass.getDeclaredMethods() ) { + for ( Method method : getDeclaredMethods( theClass ) ) { final String methodName = method.getName(); if ( method.getParameterCount() == 1 && methodName.startsWith( "set" ) ) { final String testOldMethod = methodName.substring( 3 ); @@ -656,7 +716,7 @@ private static Method setterOrNull(Class theClass, String propertyName, Class pr * as an abstract - but again, that is such an edge case... */ public static Method findGetterMethodForFieldAccess(Field field, String propertyName) { - for ( Method method : field.getDeclaringClass().getDeclaredMethods() ) { + for ( Method method : getDeclaredMethods( field.getDeclaringClass() ) ) { // if the method has parameters, skip it if ( method.getParameterCount() != 0 ) { continue; diff --git a/hibernate-core/src/main/java/org/hibernate/jpa/event/internal/CallbackBuilderLegacyImpl.java b/hibernate-core/src/main/java/org/hibernate/jpa/event/internal/CallbackBuilderLegacyImpl.java index 1a6851ba3ce9..42da63f82d0e 100644 --- a/hibernate-core/src/main/java/org/hibernate/jpa/event/internal/CallbackBuilderLegacyImpl.java +++ b/hibernate-core/src/main/java/org/hibernate/jpa/event/internal/CallbackBuilderLegacyImpl.java @@ -10,6 +10,8 @@ import java.lang.annotation.ElementType; import java.lang.annotation.Target; import java.lang.reflect.Method; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.List; import javax.persistence.Entity; @@ -72,6 +74,7 @@ public void buildCallbacksForEntity(String entityClassName, CallbackRegistrar ca } continue; } + final Callback[] callbacks = resolveEntityCallbacks( entityXClass, callbackType, reflectionManager ); callbackRegistrar.registerCallbacks( entityClass, callbacks ); } @@ -119,7 +122,7 @@ public Callback[] resolveEntityCallbacks(XClass beanClass, CallbackType callback final boolean debugEnabled = log.isDebugEnabled(); do { Callback callback = null; - List methods = currentClazz.getDeclaredMethods(); + List methods = getDeclaredMethods( currentClazz ); for ( final XMethod xMethod : methods ) { if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) { Method method = reflectionManager.toMethod( xMethod ); @@ -190,7 +193,7 @@ public Callback[] resolveEntityCallbacks(XClass beanClass, CallbackType callback if ( listener != null ) { XClass xListener = reflectionManager.toXClass( listener ); callbacksMethodNames = new ArrayList<>(); - List methods = xListener.getDeclaredMethods(); + List methods = getDeclaredMethods( xListener ); for ( final XMethod xMethod : methods ) { if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) { final Method method = reflectionManager.toMethod( xMethod ); @@ -338,4 +341,14 @@ private static void getListeners(XClass currentClazz, List orderedListene } } } + + private static List getDeclaredMethods(XClass clazz) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public List run() { + return clazz.getDeclaredMethods(); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } } diff --git a/hibernate-core/src/main/java/org/hibernate/metamodel/internal/MetadataContext.java b/hibernate-core/src/main/java/org/hibernate/metamodel/internal/MetadataContext.java index edfc52477e5e..3dee49037312 100755 --- a/hibernate-core/src/main/java/org/hibernate/metamodel/internal/MetadataContext.java +++ b/hibernate-core/src/main/java/org/hibernate/metamodel/internal/MetadataContext.java @@ -7,6 +7,8 @@ package org.hibernate.metamodel.internal; import java.lang.reflect.Field; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -369,13 +371,26 @@ private void populateStaticMetamodel(AbstractManagedType managedType) { return; } final String metamodelClassName = managedTypeClass.getName() + '_'; - try { - final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() ); - // we found the class; so populate it... - registerAttributes( metamodelClass, managedType ); + + final PrivilegedAction action = new PrivilegedAction() { + @Override + public Object run() { + try { + final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() ); + // we found the class; so populate it... + registerAttributes( metamodelClass, managedType ); + } + catch (ClassNotFoundException ignore) { + // nothing to do... + } + return null; + } + }; + if ( System.getSecurityManager() != null ) { + AccessController.doPrivileged( action ); } - catch (ClassNotFoundException ignore) { - // nothing to do... + else { + action.run(); } // todo : this does not account for @MappeSuperclass, mainly because this is not being tracked in our diff --git a/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java b/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java index f186e8a384c2..6efd27b543e1 100644 --- a/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java +++ b/hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java @@ -8,6 +8,8 @@ import java.lang.reflect.Method; import java.lang.reflect.Modifier; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Iterator; import java.util.Map; import java.util.Set; @@ -157,24 +159,31 @@ protected ProxyFactory buildProxyFactory(PersistentClass persistentClass, Getter null : ReflectHelper.getMethod( proxyInterface, idSetterMethod ); - ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter ); - try { - pf.postInstantiate( - getEntityName(), - mappedClass, - proxyInterfaces, - proxyGetIdentifierMethod, - proxySetIdentifierMethod, - persistentClass.hasEmbeddedIdentifier() ? - (CompositeType) persistentClass.getIdentifier().getType() : - null - ); - } - catch (HibernateException he) { - LOG.unableToCreateProxyFactory( getEntityName(), he ); - pf = null; - } - return pf; + final PrivilegedAction action = new PrivilegedAction() { + @Override + public ProxyFactory run() { + ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter ); + try { + pf.postInstantiate( + getEntityName(), + mappedClass, + proxyInterfaces, + proxyGetIdentifierMethod, + proxySetIdentifierMethod, + persistentClass.hasEmbeddedIdentifier() ? + (CompositeType) persistentClass.getIdentifier().getType() : + null + ); + } + catch (HibernateException he) { + LOG.unableToCreateProxyFactory( getEntityName(), he ); + pf = null; + } + return pf; + } + }; + + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); } protected ProxyFactory buildProxyFactoryInternal( diff --git a/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java b/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java index 3ddffe0a4621..a1d28592157a 100644 --- a/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java +++ b/hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java @@ -7,6 +7,8 @@ package org.hibernate.envers.configuration.internal.metadata.reader; import java.lang.annotation.Annotation; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Arrays; import java.util.Collections; import java.util.Iterator; @@ -47,6 +49,7 @@ import org.hibernate.mapping.Component; import org.hibernate.mapping.Property; import org.hibernate.mapping.Value; + import org.jboss.logging.Logger; import static org.hibernate.envers.internal.tools.Tools.newHashMap; @@ -354,26 +357,47 @@ private void addPropertiesFromClass(XClass clazz) { //look in the class addFromProperties( - clazz.getDeclaredProperties( "field" ), + getPropertiesFromClassByType( clazz, AccessType.FIELD ), it -> "field", fieldAccessedPersistentProperties, allClassAudited ); + addFromProperties( - clazz.getDeclaredProperties( "property" ), + getPropertiesFromClassByType( clazz, AccessType.PROPERTY ), propertyAccessedPersistentProperties::get, propertyAccessedPersistentProperties.keySet(), allClassAudited ); if ( allClassAudited != null || !auditedPropertiesHolder.isEmpty() ) { - final XClass superclazz = clazz.getSuperclass(); + final PrivilegedAction action = new PrivilegedAction() { + @Override + public XClass run() { + return clazz.getSuperclass(); + } + }; + + final XClass superclazz = System.getSecurityManager() != null + ? AccessController.doPrivileged( action ) + : action.run(); + if ( !clazz.isInterface() && !"java.lang.Object".equals( superclazz.getName() ) ) { addPropertiesFromClass( superclazz ); } } } + private Iterable getPropertiesFromClassByType(XClass clazz, AccessType accessType) { + final PrivilegedAction> action = new PrivilegedAction>() { + @Override + public Iterable run() { + return clazz.getDeclaredProperties( accessType.getType() ); + } + }; + return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run(); + } + private void addFromProperties( Iterable properties, Function accessTypeProvider,