学习参考博客:https://blog.csdn.net/benjaminzhang666/article/details/9664585
AccessibleObject类基本作用
  1。将反射的对象标记为在使用时取消默认java语言访问控制检查的能力
  2。在反射对象中设置accessible(翻译:无障碍)标志允许具有足够的特权
/**

 * The AccessibleObject class is the base class for Field, Method and

 * Constructor objects.  It provides the ability to flag a reflected

 * object as suppressing default Java language access control checks

 * when it is used.  The access checks--for public, default (package)

 * access, protected, and private members--are performed when Fields,

 * Methods or Constructors are used to set or get fields, to invoke

 * methods, or to create and initialize new instances of classes,

 * respectively.
  AccessibleObject类是Field,Method和Constructor对象的父类,它提供了将反射对象标记
为在使用它时抑制默认java语言访问控制检查的功能。当使用Fields,Methods或Constructor来
设置或获取字段,调用方法,或创建和初始化新的类实例时,执行访问检查(对于public,默认(包)访问
,受保护和私有成员)

 *

 * <p>Setting the {@code accessible} flag in a reflected object

 * permits sophisticated applications with sufficient privilege, such

 * as Java Object Serialization or other persistence mechanisms, to

 * manipulate objects in a manner that would normally be prohibited.

 在反射对象中设置accessible标志允许具有足够权限的复杂应用程序(如java对象序列化
或其他持久性机制)以通常被禁止的方式操纵对象

 * <p>By default, a reflected object is <em>not</em> accessible.
  默认情况下,反射对象不可访问
*/

public class AccessibleObject implements AnnotatedElement {

    /**

     * The Permission object that is used to check whether a client

     * has sufficient privilege to defeat Java language access

     * control checks.
    Permission对象,用于检查客户端是否具有足够的权限来阻止java语言访问控制检查

     */

    static final private java.security.Permission ACCESS_PERMISSION =

        new ReflectPermission("suppressAccessChecks");

    /**

     * Convenience method to set the {@code accessible} flag for an

     * array of objects with a single security check (for efficiency).

    使用单一安全检查来设置对象数组的可访问标志的一个方便的方法(为了效率)*/

    public static void setAccessible(AccessibleObject[] array, boolean flag)

        throws SecurityException {

        SecurityManager sm = System.getSecurityManager();//获取系统安全的接口

        if (sm != null) sm.checkPermission(ACCESS_PERMISSION);

        for (int i = 0; i < array.length; i++) {

            setAccessible0(array[i], flag);

        }

    }

    /**

    将对象的可访问标志设置为指示的布尔值*/

    public void setAccessible(boolean flag) throws SecurityException {

        SecurityManager sm = System.getSecurityManager();

        if (sm != null) sm.checkPermission(ACCESS_PERMISSION);

        setAccessible0(this, flag);

    }

    /* Check that you aren't exposing java.lang.Class.<init> or sensitive

       fields in java.lang.Class. */

    private static void setAccessible0(AccessibleObject obj, boolean flag)

        throws SecurityException

    {

        if (obj instanceof Constructor && flag == true) {

            Constructor<?> c = (Constructor<?>)obj;

            if (c.getDeclaringClass() == Class.class) {

                throw new SecurityException("Cannot make a java.lang.Class" +

                                            " constructor accessible");

            }

        }

        obj.override = flag;

    }

    /**

   获取此对象的accessible标志的值(布尔类型)*/

    public boolean isAccessible() {

        return override;

    }

    /**

     * Constructor: only used by the Java Virtual Machine.
    构造函数,仅有java虚拟机使用

     */

    protected AccessibleObject() {}

    // Indicates whether language-level access checks are overridden

    // by this object. Initializes to "false". This field is used by

    // Field, Method, and Constructor.

    通过这个对象,指示是否覆盖语言级别访问检查权限,初始化为false,该字段用于Field,
  Method和Constructor

    // NOTE: for security purposes, this field must not be visible

    // outside this package.
  出于安全考虑,此字段不得显示出包外

    boolean override;

    // Reflection factory used by subclasses for creating field,

    // method, and constructor accessors. Note that this is called

    // very early in the bootstrapping process.
    子类用于创建字段,方法和构造函数的反射工厂

    static final ReflectionFactory reflectionFactory =

        AccessController.doPrivileged(

            new sun.reflect.ReflectionFactory.GetReflectionFactoryAction());

    /**

     * @throws NullPointerException {@inheritDoc}

     * @since 1.5

     */

    public <T extends Annotation> T getAnnotation(Class<T> annotationClass) {

        throw new AssertionError("All subclasses should override this method");

    }

    /**

     * {@inheritDoc}

     * @throws NullPointerException {@inheritDoc}

     * @since 1.5

     */

    @Override

    public boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) {

        return AnnotatedElement.super.isAnnotationPresent(annotationClass);

    }

   /**

     * @throws NullPointerException {@inheritDoc}

     * @since 1.8

     */

    @Override

    public <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) {

        throw new AssertionError("All subclasses should override this method");

    }

    /**

     * @since 1.5

     */

    public Annotation[] getAnnotations() {

        return getDeclaredAnnotations();

    }

    /**

     * @throws NullPointerException {@inheritDoc}

     * @since 1.8

     */

    @Override

    public <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) {

        // Only annotations on classes are inherited, for all other

        // objects getDeclaredAnnotation is the same as

        // getAnnotation.

        return getAnnotation(annotationClass);

    }

    /**

     * @throws NullPointerException {@inheritDoc}

     * @since 1.8

     */

    @Override

    public <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) {

        // Only annotations on classes are inherited, for all other

        // objects getDeclaredAnnotationsByType is the same as

        // getAnnotationsByType.

        return getAnnotationsByType(annotationClass);

    }

    /**

     * @since 1.5

     */

    public Annotation[] getDeclaredAnnotations()  {

        throw new AssertionError("All subclasses should override this method");

    }

    // Shared access checking logic.

    // For non-public members or members in package-private classes,

    // it is necessary to perform somewhat expensive security checks.

    // If the security check succeeds for a given class, it will

    // always succeed (it is not affected by the granting or revoking

    // of permissions); we speed up the check in the common case by

    // remembering the last Class for which the check succeeded.

    //

    // The simple security check for Constructor is to see if

    // the caller has already been seen, verified, and cached.

    // (See also Class.newInstance(), which uses a similar method.)

    //

    // A more complicated security check cache is needed for Method and Field

    // The cache can be either null (empty cache), a 2-array of {caller,target},

    // or a caller (with target implicitly equal to this.clazz).

    // In the 2-array case, the target is always different from the clazz.

    volatile Object securityCheckCache;

    void checkAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers)

        throws IllegalAccessException

    {

        if (caller == clazz) {  // quick check

            return;             // ACCESS IS OK

        }

        Object cache = securityCheckCache;  // read volatile

        Class<?> targetClass = clazz;

        if (obj != null

            && Modifier.isProtected(modifiers)

            && ((targetClass = obj.getClass()) != clazz)) {

            // Must match a 2-list of { caller, targetClass }.

            if (cache instanceof Class[]) {

                Class<?>[] cache2 = (Class<?>[]) cache;

                if (cache2[1] == targetClass &&

                    cache2[0] == caller) {

                    return;     // ACCESS IS OK

                }

                // (Test cache[1] first since range check for [1]

                // subsumes range check for [0].)

            }

        } else if (cache == caller) {

            // Non-protected case (or obj.class == this.clazz).

            return;             // ACCESS IS OK

        }

        // If no return, fall through to the slow path.

        slowCheckMemberAccess(caller, clazz, obj, modifiers, targetClass);

    }

    // Keep all this slow stuff out of line:

    void slowCheckMemberAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers,

                               Class<?> targetClass)

        throws IllegalAccessException

    {

        Reflection.ensureMemberAccess(caller, clazz, obj, modifiers);

        // Success: Update the cache.

        Object cache = ((targetClass == clazz)

                        ? caller

                        : new Class<?>[] { caller, targetClass });

        // Note:  The two cache elements are not volatile,

        // but they are effectively final.  The Java memory model

        // guarantees that the initializing stores for the cache

        // elements will occur before the volatile write.

        securityCheckCache = cache;         // write volatile

    }

}

java基础源码 (5)--reflect包-AccessibleObject类的更多相关文章

  1. java基础源码 (4)--reflect包-AnnotatedElement接口

    接口:AnnotatedElement * Represents an annotated element of the program currently running in this * VM. ...

  2. java基础源码 (6)--ArrayListt类

    原作出处:https://www.cnblogs.com/leesf456/p/5308358.html 简介: 1.ArrayList是一个数组队列,相当于动态数组.与java中的数组相比,它的容量 ...

  3. java基础源码 (1)--String类

    这个是String类上面的注释,我用谷歌翻译翻译的,虽然有点语法上的问题,但是大概都可以翻译出来 /** * The {@code String} class represents character ...

  4. java基础源码 (3)--Annotation(注解)

    借鉴博客地址:https://www.cnblogs.com/skywang12345/p/3344137.html /** * The common interface extended by al ...

  5. java基础源码 (2)--StringBuilder类

    Serializable(接口): 是一个IO的序列化接口,实现了这个接口,就代表这个类可以序列化或者反序列化,该接口没有方法或者字段,仅用于标识可串行话的语义. Appendable(接口): /* ...

  6. 自学Java HashMap源码

    自学Java HashMap源码 参考:http://zhangshixi.iteye.com/blog/672697 HashMap概述 HashMap是基于哈希表的Map接口的非同步实现.此实现提 ...

  7. Java集合源码分析(三)LinkedList

    LinkedList简介 LinkedList是基于双向循环链表(从源码中可以很容易看出)实现的,除了可以当做链表来操作外,它还可以当做栈.队列和双端队列来使用. LinkedList同样是非线程安全 ...

  8. Java集合源码学习(一)集合框架概览

    >>集合框架 Java集合框架包含了大部分Java开发中用到的数据结构,主要包括List列表.Set集合.Map映射.迭代器(Iterator.Enumeration).工具类(Array ...

  9. 编译哈工大语言技术平台云LTP(C++)源码及LTP4J(Java)源码

    转自:编译哈工大语言技术平台云LTP(C++)源码及LTP4J(Java)源码 JDK:java version “1.8.0_31”Java(TM) SE Runtime Environment ( ...

随机推荐

  1. C# Connection:连接数据库---转载

    C# 语言中 Connection 类是 ADO.NET 组件连接数据库时第一个要使用的类,也是通过编程访问数据库的第一步. 接下来我们来了解一下 Connection 类中的常用属性和方法,以及如何 ...

  2. linux修改键盘按键

    我的电脑:Fedora-19 $ uname -a Linux localhost.localdomain 3.11.10-200.fc19.i686 #1 SMP Mon Dec 2 20:48:2 ...

  3. js网页拉起支付宝支付

    js网页唤起支付宝进行支付 在做uni-app项目中,打包成 ios App的时候,为了绕过苹果支付的审核,所以用的 webview 加载支付宝的网页支付,进行付款 具体实现流程: 前端通过 url ...

  4. java web开发缓存方案,ehcache和redis哪个更好

    Ehcache在java项目广泛的使用.它是一个开源的.设计于提高在数据从RDBMS中取出来的高花费.高延迟采取的一种缓存方案.正因为Ehcache具有健壮性(基于java开发).被认证(具有apac ...

  5. PV 动态供给【转】

    前面的例子中,我们提前创建了 PV,然后通过 PVC 申请 PV 并在 Pod 中使用,这种方式叫做静态供给(Static Provision). 与之对应的是动态供给(Dynamical Provi ...

  6. Jmeter测试入门——带token的http请求

    安装 官网下载地址:http://jmeter.apache.org/download_jmeter.cgi 下载完成后解压zip包 启动JMeter,双击JMeter解压路径bin下面的jmeter ...

  7. DBlink查看,创建于删除

    1.查看dblink select owner,object_name from dba_objects where object_type='DATABASE LINK'; 或者 select * ...

  8. NOIp2018普及组初赛试卷

    第二十四届全国青少年信息学奥林匹克联赛初赛(普及组C++语言试题)

  9. C语言中指针和取地址符&的关系

    一 概念定义: 严格说起来,应该这么讲:指针存的是地址,而&运算符是取变量的地址. 指针原理: 其实计算机中的内存就像一个个抽屉(一兆内存就相当于1百万个抽屉),每个抽屉都有一个编号,用于存放 ...

  10. CSS样式表——样式

    样式: 1)大小 width:200px;       或width:100%;                           //样式中要加单位 height:100px; 2)背景 back ...