[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-jigsaw-dev
Subject:    Re: setAccessible() alternative with Jigsaw
From:       Thomas Matthijs <lists () selckin ! be>
Date:       2017-03-31 15:52:47
Message-ID: CABY_-Z6Z6MoSgOuX55515Csbf0k_GKpNiz3WMEMrt5yUnYD-hA () mail ! gmail ! com
[Download RAW message or body]

http://mail.openjdk.java.net/pipermail/jigsaw-dev/2017-March/011557.html

On Fri, Mar 31, 2017 at 3:46 PM, Matej Novotny <manovotn@redhat.com> wrote:
> Hello,
> 
> I work on Weld, context dependency injection framework.
> Long story short - we need to generate proxies for classes - bytecode which we then \
> "register" with the class loader using java.lang.ClassLoader#defineClass. 
> Obviously, for this you need reflections - to load java.lang.ClassLoader, then to \
> load the method itself, and most importantly, to make the method accessible cause \
> it's `protected`. In JDK 9, this blows up as soon as you try to make the method \
> accessible (invocation of setAccessible). 
> Fair enough, but what is the "legitimate" alternative?
> I know I can --add-opens  / --add-opens / --permit-illegal-access
> But all those just bypass the checks and don't really solve it. I am looking for an \
> intended way to do such stuff. I am pretty sure there are many frameworks which \
> need to do this in one way or the other. 
> So far I have found workarounds which involve using `sun.misc.Unsafe` because there \
> (for some reason) you are allowed to invoke setAccessible(). Is this the official \
> intended backdoor? Because it sure does not look any safer/cleaner solution than \
> the original one... 
> Any thoughts appreciated
> Matej


[prev in list] [next in list] [prev in thread] [next in thread]