File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Reflection use with private method

 
nitin pokhriyal
Ranch Hand
Posts: 263
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
if a private method of a class can be accessed by any other class by using reflection then what is the use of keeping a private method. Is there any way to protect your class so that even using reflection cannot access it?

Thanks in advance
 
Rob Spoor
Sheriff
Pie
Posts: 20396
47
Chrome Eclipse IDE Java Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can actually block access using security managers.
 
Ernest Friedman-Hill
author and iconoclast
Marshal
Pie
Posts: 24204
34
Chrome Eclipse IDE Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
First, you have to understand the difference between security and good software engineering practice. The first is something you try to lock down 100%. The latter is something you try to enforce, but people have legitimate reasons for getting around it in some cases. For example, "encapsulation" is good practice, but sometimes someone might need to hack a feature in under a tight deadline...

Second, note that although by default, you can access private members using reflection, a java.lang.SecurityManager can be installed in any JVM, and that security manager can block reflective access by policy. In a security-critical environment, this might be something you want to do.
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you have a private constructor for instance you could use:



 
nitin pokhriyal
Ranch Hand
Posts: 263
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks to three of you.
I think ernest and fred were right about security manager but Sebastian i asked about only accessing private method security not about securing my class. so your solution doesn't seems to be working in this case. correct me if i am wrong
 
Rob Spoor
Sheriff
Pie
Posts: 20396
47
Chrome Eclipse IDE Java Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
nitin pokhriyal wrote:fred

*looks at himself* nope, I definitely do not look like Fred Flintstone.
 
nitin pokhriyal
Ranch Hand
Posts: 263
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am really sorry Rob. My bad..
 
Rob Spoor
Sheriff
Pie
Posts: 20396
47
Chrome Eclipse IDE Java Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's ok, it's quite normal to mistake us bartenders. Especially since Fred is so much more helpful than me
 
nitin pokhriyal
Ranch Hand
Posts: 263
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i have never seen so much quick response in any other forum even in ranch. I really appreciate your help
 
Sebastian Janisch
Ranch Hand
Posts: 1183
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
nitin pokhriyal wrote:Thanks to three of you.
I think ernest and fred were right about security manager but Sebastian i asked about only accessing private method security not about securing my class. so your solution doesn't seems to be working in this case. correct me if i am wrong


Yes if it's not the Constructor you want to protect then your best bet is the security Manager
 
R van Vliet
Ranch Hand
Posts: 144
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sebastian Janisch wrote:
nitin pokhriyal wrote:Thanks to three of you.
I think ernest and fred were right about security manager but Sebastian i asked about only accessing private method security not about securing my class. so your solution doesn't seems to be working in this case. correct me if i am wrong


Yes if it's not the Constructor you want to protect then your best bet is the security Manager


It is a little odd. By default you cannot actually invoke private methods using the default security manager. But then it does allow :


After which you can invoke the private method. Bit silly.
 
Henry Wong
author
Marshal
Pie
Posts: 20836
75
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
R van Vliet wrote:
It is a little odd. By default you cannot actually invoke private methods using the default security manager. But then it does allow :


After which you can invoke the private method. Bit silly.


That's how (or more correctly, when) the security manager is called. The setAccessible() method is the method that invokes the check with the security manager.

Henry
 
R van Vliet
Ranch Hand
Posts: 144
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Henry Wong wrote:
R van Vliet wrote:
It is a little odd. By default you cannot actually invoke private methods using the default security manager. But then it does allow :


After which you can invoke the private method. Bit silly.


That's how (or more correctly, when) the security manager is called. The setAccessible() method is the method that invokes the check with the security manager.

Henry


Yep, I know, that's exactly what I find slightly odd. Apparently the security manager by default does not allow invocation of reflected private methods, but it does allow me to tell it that it's wrong and override it's opinion on my private method access ;) Any SecurityManager implementation where setAccessible(true) succeeds shouldn't impose a limitation on invoking that method in the first place in my opinion.

I'm glad it works because we use it in our game server so we don't have to use a custom security manager but it is a little odd.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic