From c0576831e246e1efdb21d0fba8a14ed79fc65dcd Mon Sep 17 00:00:00 2001
From: Ladislav Thon
Date: Mon, 11 Nov 2024 10:52:07 +0100
Subject: [PATCH] remove support for Security Manager
The Security Manager was deprecated for removal in Java 17 (see JEP 411).
It is about time to remove support for it in CDI.
---
api/pom.xml | 21 ----
.../compatible/spi/BuildServicesResolver.java | 4 +-
.../build/compatible/spi/SecurityActions.java | 32 -----
.../jakarta/enterprise/inject/spi/CDI.java | 2 +-
.../inject/spi/SecurityActions.java | 52 --------
.../enterprise/util/AnnotationLiteral.java | 11 +-
.../enterprise/util/SecurityActions.java | 69 -----------
.../cdi/api/test/AnnotationLiteralTest.java | 44 ++++---
.../test/privileged/CDIPrivilegedTest.java | 62 ----------
.../api/test/privileged/FakeCDIProvider.java | 114 ------------------
.../annotation/AnnotationLiteralTest.java | 54 ---------
.../privileged/annotation/MyAnnotation.java | 29 -----
.../annotation/MyAnnotationLiteral.java | 40 ------
api/src/test/resources/META-INF/services/fake | 1 -
api/src/test/resources/java.policy | 75 ------------
15 files changed, 33 insertions(+), 577 deletions(-)
delete mode 100644 api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/SecurityActions.java
delete mode 100644 api/src/main/java/jakarta/enterprise/inject/spi/SecurityActions.java
delete mode 100644 api/src/main/java/jakarta/enterprise/util/SecurityActions.java
delete mode 100644 api/src/test/java/org/jboss/cdi/api/test/privileged/CDIPrivilegedTest.java
delete mode 100644 api/src/test/java/org/jboss/cdi/api/test/privileged/FakeCDIProvider.java
delete mode 100644 api/src/test/java/org/jboss/cdi/api/test/privileged/annotation/AnnotationLiteralTest.java
delete mode 100644 api/src/test/java/org/jboss/cdi/api/test/privileged/annotation/MyAnnotation.java
delete mode 100644 api/src/test/java/org/jboss/cdi/api/test/privileged/annotation/MyAnnotationLiteral.java
delete mode 100644 api/src/test/resources/META-INF/services/fake
delete mode 100644 api/src/test/resources/java.policy
diff --git a/api/pom.xml b/api/pom.xml
index c600b9491..43b67ff5e 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -334,27 +334,6 @@
${project.build.testOutputDirectory}/META-INF/services/
-
- **/privileged/**
-
- false
-
-
-
- privileged-test
- test
-
- test
-
-
-
- ${project.build.testOutputDirectory}/META-INF/services/
-
-
- **/privileged/**
-
- -Djava.security.manager -Djava.security.policy="${project.build.testOutputDirectory}/java.policy"
- 1false
diff --git a/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/BuildServicesResolver.java b/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/BuildServicesResolver.java
index c8cda6297..357022e8e 100644
--- a/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/BuildServicesResolver.java
+++ b/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/BuildServicesResolver.java
@@ -50,8 +50,8 @@ private static void discoverFactories() {
Set factories = new TreeSet<>(
Comparator.comparingInt(BuildServices::getPriority).reversed());
- ServiceLoader loader = SecurityActions.loadService(
- BuildServices.class, BuildServicesResolver.class.getClassLoader());
+ ServiceLoader loader = ServiceLoader.load(BuildServices.class,
+ BuildServicesResolver.class.getClassLoader());
if (!loader.iterator().hasNext()) {
throw new IllegalStateException("Unable to locate BuildServices implementation");
diff --git a/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/SecurityActions.java b/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/SecurityActions.java
deleted file mode 100644
index a3edbeba5..000000000
--- a/api/src/main/java/jakarta/enterprise/inject/build/compatible/spi/SecurityActions.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2021 Red Hat and others
- *
- * This program and the accompanying materials are made available under the
- * Apache Software License 2.0 which is available at:
- * https://www.apache.org/licenses/LICENSE-2.0.
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-
-package jakarta.enterprise.inject.build.compatible.spi;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.ServiceLoader;
-
-/**
- * This utility class is used to optimize invocation made through the SecurityManager
- *
- * @author Antoine Sabot-durand
- */
-
-final class SecurityActions {
- private SecurityActions() {
- }
-
- static ServiceLoader loadService(Class service, ClassLoader classLoader) {
- return AccessController.doPrivileged(
- (PrivilegedAction>) () -> ServiceLoader.load(service, classLoader)
- );
- }
-}
diff --git a/api/src/main/java/jakarta/enterprise/inject/spi/CDI.java b/api/src/main/java/jakarta/enterprise/inject/spi/CDI.java
index ffa9a4868..87d30d121 100644
--- a/api/src/main/java/jakarta/enterprise/inject/spi/CDI.java
+++ b/api/src/main/java/jakarta/enterprise/inject/spi/CDI.java
@@ -131,7 +131,7 @@ private static void findAllProviders() {
ServiceLoader providerLoader;
Set providers = new TreeSet<>(Comparator.comparingInt(CDIProvider::getPriority).reversed());
- providerLoader = SecurityActions.loadService(CDIProvider.class, CDI.class.getClassLoader());
+ providerLoader = ServiceLoader.load(CDIProvider.class, CDI.class.getClassLoader());
if (!providerLoader.iterator().hasNext()) {
throw new IllegalStateException("Unable to locate CDIProvider");
diff --git a/api/src/main/java/jakarta/enterprise/inject/spi/SecurityActions.java b/api/src/main/java/jakarta/enterprise/inject/spi/SecurityActions.java
deleted file mode 100644
index 4c7983c1f..000000000
--- a/api/src/main/java/jakarta/enterprise/inject/spi/SecurityActions.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright 2019, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.1-SNAPSHOT (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.1-SNAPSHOT
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jakarta.enterprise.inject.spi;
-
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.util.ServiceLoader;
-
-/**
- *
- * This utility class is used to optimize invocation made through the SecurityManager
- *
- * @author Antoine Sabot-durand
- */
-
-final class SecurityActions {
-
- private SecurityActions() {
-
- }
-
- static ServiceLoader loadService(Class service, ClassLoader classLoader) {
- return AccessController.doPrivileged(
- (PrivilegedAction>) () -> ServiceLoader.load(service, classLoader)
- );
- }
-}
diff --git a/api/src/main/java/jakarta/enterprise/util/AnnotationLiteral.java b/api/src/main/java/jakarta/enterprise/util/AnnotationLiteral.java
index 2baab50bd..7955aebab 100644
--- a/api/src/main/java/jakarta/enterprise/util/AnnotationLiteral.java
+++ b/api/src/main/java/jakarta/enterprise/util/AnnotationLiteral.java
@@ -31,10 +31,6 @@
*
*
*
- * Reflection operations are using {@link SecurityActions} utility class to support security manager.
- *
- *
- *
* An instance of an annotation type may be obtained by subclassing AnnotationLiteral.
* The subclass must implement the annotation interface to satisfy the {@link Annotation} contract.
*
@@ -79,7 +75,7 @@ protected AnnotationLiteral() {
private Method[] getMembers() {
if (members == null) {
- members = SecurityActions.getDeclaredMethods(annotationType());
+ members = annotationType().getDeclaredMethods();
if (members.length > 0 && !annotationType().isAssignableFrom(this.getClass())) {
throw new RuntimeException(getClass() + " does not implement the annotation type with members "
+ annotationType().getName());
@@ -288,8 +284,9 @@ private static Object getMemberValue(Method member, Annotation instance) {
private static Object invoke(Method method, Object instance) {
try {
- if (!method.canAccess(instance))
- SecurityActions.setAccessible(method);
+ if (!method.canAccess(instance)) {
+ method.setAccessible(true);
+ }
return method.invoke(instance);
} catch (IllegalArgumentException | IllegalAccessException | InvocationTargetException e) {
throw new RuntimeException("Error checking value of member method " + method.getName() + " on "
diff --git a/api/src/main/java/jakarta/enterprise/util/SecurityActions.java b/api/src/main/java/jakarta/enterprise/util/SecurityActions.java
deleted file mode 100644
index 1e1075419..000000000
--- a/api/src/main/java/jakarta/enterprise/util/SecurityActions.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright 2019, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.1-SNAPSHOT (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.1-SNAPSHOT
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package jakarta.enterprise.util;
-
-import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
-/**
- *
- * This utility class is used to optimize invocation made through the SecurityManager
- *
- * @author Antoine Sabot-durand
- */
-
-final class SecurityActions {
-
- private SecurityActions() {
-
- }
-
- static void setAccessible(Method method) {
- if (System.getSecurityManager() != null) {
- AccessController.doPrivileged(
- (PrivilegedAction>) () -> {
- method.setAccessible(true);
- return null;
- }
- );
- } else {
- method.setAccessible(true);
- }
- }
-
- static Method[] getDeclaredMethods(Class> clazz) {
- if (System.getSecurityManager() != null) {
- return AccessController.doPrivileged(
- (PrivilegedAction) () -> clazz.getDeclaredMethods()
- );
- } else {
- return clazz.getDeclaredMethods();
- }
- }
-}
diff --git a/api/src/test/java/org/jboss/cdi/api/test/AnnotationLiteralTest.java b/api/src/test/java/org/jboss/cdi/api/test/AnnotationLiteralTest.java
index 7c8a31e61..ebf6177d2 100644
--- a/api/src/test/java/org/jboss/cdi/api/test/AnnotationLiteralTest.java
+++ b/api/src/test/java/org/jboss/cdi/api/test/AnnotationLiteralTest.java
@@ -14,7 +14,8 @@
package org.jboss.cdi.api.test;
import static org.testng.Assert.assertEquals;
-import static org.testng.Assert.assertTrue;
+import static org.testng.Assert.assertNotEquals;
+import static org.testng.Assert.assertNotNull;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.context.BeforeDestroyed;
@@ -67,21 +68,40 @@ public void testNullMemberValueOnToString() {
new FooLiteral(null).hashCode();
}
- @SuppressWarnings("serial")
+ @Test
+ public void toStringShouldWork() {
+ assertNotNull(new FooLiteral("foo").toString());
+ }
+
+ @Test
+ public void annotationTypeShouldWork() {
+ assertEquals(Foo.class, new FooLiteral("foo").annotationType());
+ }
+
+ @Test
+ public void equalsShouldWork() {
+ FooLiteral foo = new FooLiteral("foo");
+ FooLiteral foo2 = new FooLiteral("foo");
+ assertEquals(foo, foo2);
+ }
+
+ @Test
+ public void hashCodeShouldWork() {
+ assertNotEquals(new FooLiteral("foo").hashCode(), 0);
+ }
+
@Test
public void testDefaultLiteral() {
assertEquals(new AnnotationLiteral() {
}, Default.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testAnyLiteral() {
assertEquals(new AnnotationLiteral() {
}, Any.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testNonbindingLiteral() {
assertEquals(new AnnotationLiteral() {
@@ -90,11 +110,10 @@ public void testNonbindingLiteral() {
@Test
public void testTypedLiteral() {
- assertTrue(Typed.Literal.INSTANCE.value().length == 0);
- assertTrue(Typed.Literal.of(new Class[] { String.class }).value()[0] == String.class);
+ assertEquals(Typed.Literal.INSTANCE.value().length, 0);
+ assertEquals(Typed.Literal.of(new Class[] { String.class }).value()[0], String.class);
}
- @SuppressWarnings("serial")
@Test
public void testAlternativeLiteral() {
assertEquals(new AnnotationLiteral() {
@@ -107,14 +126,12 @@ public void testNamedLiteral() {
assertEquals(NamedLiteral.of("foo").value(), "foo");
}
- @SuppressWarnings("serial")
@Test
public void testQualifierLiteral() {
assertEquals(new AnnotationLiteral() {
}, QualifierLiteral.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testSingletonLiteral() {
assertEquals(new AnnotationLiteral() {
@@ -144,63 +161,54 @@ public void testBeforeDestroyedLiteral() {
assertEquals(BeforeDestroyed.Literal.APPLICATION.value(), ApplicationScoped.class);
}
- @SuppressWarnings("serial")
@Test
public void testApplicationScopedLiteral() {
assertEquals(new AnnotationLiteral() {
}, ApplicationScoped.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testRequestScopedLiteral() {
assertEquals(new AnnotationLiteral() {
}, RequestScoped.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testSessionScopedLiteral() {
assertEquals(new AnnotationLiteral() {
}, SessionScoped.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testConversationScopedLiteral() {
assertEquals(new AnnotationLiteral() {
}, ConversationScoped.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testDependentLiteral() {
assertEquals(new AnnotationLiteral() {
}, Dependent.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testVetoedLiteral() {
assertEquals(new AnnotationLiteral() {
}, Vetoed.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testInjectLiteral() {
assertEquals(new AnnotationLiteral() {
}, InjectLiteral.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testSpecializesLiteral() {
assertEquals(new AnnotationLiteral() {
}, Specializes.Literal.INSTANCE);
}
- @SuppressWarnings("serial")
@Test
public void testTransientReferenceLiteral() {
assertEquals(new AnnotationLiteral() {
diff --git a/api/src/test/java/org/jboss/cdi/api/test/privileged/CDIPrivilegedTest.java b/api/src/test/java/org/jboss/cdi/api/test/privileged/CDIPrivilegedTest.java
deleted file mode 100644
index 9b71d4185..000000000
--- a/api/src/test/java/org/jboss/cdi/api/test/privileged/CDIPrivilegedTest.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.1-SNAPSHOT (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.1-SNAPSHOT
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.jboss.cdi.api.test.privileged;
-
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Paths;
-
-import jakarta.enterprise.inject.spi.CDI;
-import jakarta.enterprise.inject.spi.CDIProvider;
-
-import org.testng.Assert;
-import org.testng.annotations.Test;
-
-/**
- * Test for CDIProvider resolution in CDI abstract class.
- *
- * @author Antoine Sabot-durand
- */
-public class CDIPrivilegedTest {
-
- private static final String SERVICE_PATH = System.getProperty("serviceDir");
-
- private static final String SERVICE_FILE_NAME = SERVICE_PATH + CDIProvider.class.getName();
-
- @Test
- public void cdiCurrentShouldWork() {
- try {
- Files.copy(Paths.get(SERVICE_PATH + "fake"), Paths.get(SERVICE_FILE_NAME));
- } catch (IOException e) {
- Assert.fail("Unabale to create service loader file", e);
- }
- Assert.assertEquals(CDI.current().getClass(), FakeCDIProvider.FakeCDI.class);
-
- }
-
-}
\ No newline at end of file
diff --git a/api/src/test/java/org/jboss/cdi/api/test/privileged/FakeCDIProvider.java b/api/src/test/java/org/jboss/cdi/api/test/privileged/FakeCDIProvider.java
deleted file mode 100644
index 0412cb3a0..000000000
--- a/api/src/test/java/org/jboss/cdi/api/test/privileged/FakeCDIProvider.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * Copyright 2018, Red Hat, Inc., and individual contributors
- *
- * Licensed under the Apache License, Version 2.1-SNAPSHOT (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.1-SNAPSHOT
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.jboss.cdi.api.test.privileged;
-
-import java.lang.annotation.Annotation;
-import java.util.Iterator;
-
-import jakarta.enterprise.inject.Instance;
-import jakarta.enterprise.inject.spi.BeanManager;
-import jakarta.enterprise.inject.spi.CDI;
-import jakarta.enterprise.inject.spi.CDIProvider;
-import jakarta.enterprise.util.TypeLiteral;
-
-/**
- * A fake CDI Provider for testing
- *
- * @author Antoine Sabot-Durand
- */
-public class FakeCDIProvider implements CDIProvider {
-
- @Override
- public CDI