< prev index next >

src/java.base/share/classes/java/lang/reflect/AccessibleObject.java

Print this page 
rev 50246 : imported patch jep181-rev1


  30 import java.security.AccessController;
  31 
  32 import jdk.internal.misc.VM;
  33 import jdk.internal.module.IllegalAccessLogger;
  34 import jdk.internal.reflect.CallerSensitive;
  35 import jdk.internal.reflect.Reflection;
  36 import jdk.internal.reflect.ReflectionFactory;
  37 import sun.security.action.GetPropertyAction;
  38 import sun.security.util.SecurityConstants;
  39 
  40 /**
  41  * The {@code AccessibleObject} class is the base class for {@code Field},
  42  * {@code Method}, and {@code Constructor} objects (known as <em>reflected
  43  * objects</em>). It provides the ability to flag a reflected object as
  44  * suppressing checks for Java language access control when it is used. This
  45  * permits sophisticated applications with sufficient privilege, such as Java
  46  * Object Serialization or other persistence mechanisms, to manipulate objects
  47  * in a manner that would normally be prohibited.
  48  *
  49  * <p> Java language access control prevents use of private members outside
  50  * their class; package access members outside their package; protected members
  51  * outside their package or subclasses; and public members outside their
  52  * module unless they are declared in an {@link Module#isExported(String,Module)
  53  * exported} package and the user {@link Module#canRead reads} their module. By
  54  * default, Java language access control is enforced (with one variation) when
  55  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  56  * set fields, to invoke methods, or to create and initialize new instances of
  57  * classes, respectively. Every reflected object checks that the code using it
  58  * is in an appropriate class, package, or module. </p>
  59  *
  60  * <p> The one variation from Java language access control is that the checks
  61  * by reflected objects assume readability. That is, the module containing
  62  * the use of a reflected object is assumed to read the module in which
  63  * the underlying field, method, or constructor is declared. </p>
  64  *
  65  * <p> Whether the checks for Java language access control can be suppressed
  66  * (and thus, whether access can be enabled) depends on whether the reflected
  67  * object corresponds to a member in an exported or open package
  68  * (see {@link #setAccessible(boolean)}). </p>
  69  *
  70  * @jls 6.6 Access Control




  30 import java.security.AccessController;
  31 
  32 import jdk.internal.misc.VM;
  33 import jdk.internal.module.IllegalAccessLogger;
  34 import jdk.internal.reflect.CallerSensitive;
  35 import jdk.internal.reflect.Reflection;
  36 import jdk.internal.reflect.ReflectionFactory;
  37 import sun.security.action.GetPropertyAction;
  38 import sun.security.util.SecurityConstants;
  39 
  40 /**
  41  * The {@code AccessibleObject} class is the base class for {@code Field},
  42  * {@code Method}, and {@code Constructor} objects (known as <em>reflected
  43  * objects</em>). It provides the ability to flag a reflected object as
  44  * suppressing checks for Java language access control when it is used. This
  45  * permits sophisticated applications with sufficient privilege, such as Java
  46  * Object Serialization or other persistence mechanisms, to manipulate objects
  47  * in a manner that would normally be prohibited.
  48  *
  49  * <p> Java language access control prevents use of private members outside
  50  * their top-level class; package access members outside their package; protected members
  51  * outside their package or subclasses; and public members outside their
  52  * module unless they are declared in an {@link Module#isExported(String,Module)
  53  * exported} package and the user {@link Module#canRead reads} their module. By
  54  * default, Java language access control is enforced (with one variation) when
  55  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  56  * set fields, to invoke methods, or to create and initialize new instances of
  57  * classes, respectively. Every reflected object checks that the code using it
  58  * is in an appropriate class, package, or module. </p>
  59  *
  60  * <p> The one variation from Java language access control is that the checks
  61  * by reflected objects assume readability. That is, the module containing
  62  * the use of a reflected object is assumed to read the module in which
  63  * the underlying field, method, or constructor is declared. </p>
  64  *
  65  * <p> Whether the checks for Java language access control can be suppressed
  66  * (and thus, whether access can be enabled) depends on whether the reflected
  67  * object corresponds to a member in an exported or open package
  68  * (see {@link #setAccessible(boolean)}). </p>
  69  *
  70  * @jls 6.6 Access Control
< prev index next >