Uploaded image for project: 'CDI Specification Issues'
  1. CDI Specification Issues
  2. CDI-699

AnnotationLiteral should use privileged actions for reflective operations

    Details

      Description

      Currently, if an application declares its own literal which extends AnnotationLiteral and is run with SecurityManager enabled, some methods might lead to SecurityException (e.g. AnnotationLiteral.getMembers() called in constructor requires accessDeclaredMembers permission). The only possible fix seems to be to grant the permission to the deployment/application which is not very convenient. If privileged actions were used, the app server could grant the permissions to the provided CDI API module only.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  antoinesabot-durand Antoine Sabot-Durand
                  Reporter:
                  mkouba Martin Kouba
                • Votes:
                  1 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: