Index: impl/src/main/java/org/jboss/webbeans/util/Reflections.java
===================================================================
--- impl/src/main/java/org/jboss/webbeans/util/Reflections.java	(revision 3398)
+++ impl/src/main/java/org/jboss/webbeans/util/Reflections.java	(working copy)
@@ -21,6 +21,7 @@
 import java.lang.annotation.Annotation;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
+import java.lang.reflect.AccessibleObject;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
@@ -30,6 +31,10 @@
 import java.lang.reflect.ParameterizedType;
 import java.lang.reflect.Type;
 import java.lang.reflect.TypeVariable;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
@@ -530,10 +535,10 @@
          }
          try
          {
-            Method targetMethod = clazz.getDeclaredMethod(methodName, parameterTypes);
+            Method targetMethod = getDeclaredMethod(clazz, methodName, parameterTypes);
             if (!targetMethod.isAccessible())
             {
-               targetMethod.setAccessible(true);
+                setAccessible(targetMethod, true);
             }
             return targetMethod;
          }
@@ -714,4 +719,56 @@
       return constructor;
    }
 
+   private static Method getDeclaredMethod(final Class clazz, final String name, final Class[] types) 
+      throws NoSuchMethodException 
+   {
+      if (System.getSecurityManager() == null) 
+      {
+         return clazz.getDeclaredMethod(name, types);
+      } 
+      else 
+      {
+         try {
+            return (Method)AccessController.doPrivileged(new PrivilegedExceptionAction() 
+            {
+               public Object run() throws Exception 
+               {
+                  return clazz.getDeclaredMethod(name, types);
+               }
+            }
+            );
+         }
+         catch(PrivilegedActionException e) 
+         {
+            if (e.getCause() instanceof NoSuchMethodException) 
+            {
+               throw (NoSuchMethodException)e.getCause();
+            }
+            throw new RuntimeException(e.getCause());
+         }
+      }
+   }
+
+
+   private static void setAccessible(final AccessibleObject ao, final boolean accessible) 
+   {
+      if (System.getSecurityManager() == null) 
+      {
+         ao.setAccessible(accessible);
+      } 
+      else 
+      {
+         AccessController.doPrivileged(new PrivilegedAction() 
+         {
+            public Object run() 
+            {
+               ao.setAccessible(accessible);
+               return null;
+            }
+         }
+         );
+      }    
+   }
+
+
 }