in src/main/java/org/apache/commons/beanutils2/MethodUtils.java [1103:1147]
private static void setMethodAccessible(final Method method) {
try {
//
// XXX Default access superclass workaround
//
// When a public class has a default access superclass
// with public methods, these methods are accessible.
// Calling them from compiled code works fine.
//
// Unfortunately, using reflection to invoke these methods
// seems to (wrongly) to prevent access even when the method
// modifier is public.
//
// The following workaround solves the problem but will only
// work from sufficiently privileges code.
//
// Better workarounds would be gratefully accepted.
//
if (!method.isAccessible()) {
method.setAccessible(true);
}
} catch (final SecurityException se) {
// log but continue just in case the method.invoke works anyway
if (!loggedAccessibleWarning) {
boolean vulnerableJVM = false;
try {
final String specVersion = SystemProperties.getJavaSpecificationVersion();
if (specVersion.charAt(0) == '1'
&& (specVersion.charAt(2) == '0' || specVersion.charAt(2) == '1' || specVersion.charAt(2) == '2' || specVersion.charAt(2) == '3')) {
vulnerableJVM = true;
}
} catch (final SecurityException e) {
// don't know - so display warning
vulnerableJVM = true;
}
if (vulnerableJVM) {
LOG.warn("Current Security Manager restricts use of workarounds for reflection bugs " + " in pre-1.4 JVMs.");
}
loggedAccessibleWarning = true;
}
LOG.debug("Cannot setAccessible on method. Therefore cannot use jvm access bug workaround.", se);
}
}