setAccessible() alternative with Jigsaw
Thomas Matthijs
lists at selckin.be
Fri Mar 31 15:52:47 UTC 2017
http://mail.openjdk.java.net/pipermail/jigsaw-dev/2017-March/011557.html
On Fri, Mar 31, 2017 at 3:46 PM, Matej Novotny <manovotn at redhat.com> wrote:
> Hello,
>
> I work on Weld, context dependency injection framework.
> Long story short - we need to generate proxies for classes - bytecode which we then "register" with the class loader using java.lang.ClassLoader#defineClass.
>
> Obviously, for this you need reflections - to load java.lang.ClassLoader, then to load the method itself, and most importantly, to make the method accessible cause it's `protected`.
> In JDK 9, this blows up as soon as you try to make the method accessible (invocation of setAccessible).
>
> Fair enough, but what is the "legitimate" alternative?
> I know I can --add-opens / --add-opens / --permit-illegal-access
> But all those just bypass the checks and don't really solve it. I am looking for an intended way to do such stuff.
> I am pretty sure there are many frameworks which need to do this in one way or the other.
>
> So far I have found workarounds which involve using `sun.misc.Unsafe` because there (for some reason) you are allowed to invoke setAccessible().
> Is this the official intended backdoor? Because it sure does not look any safer/cleaner solution than the original one...
>
> Any thoughts appreciated
> Matej
More information about the jigsaw-dev
mailing list