Improve integration with Java's security manager

Description

Currently we wrap all reflection calls in PrivilegedAction. This way Validators need the following grants in the policy file:

However, this also means that a user might now use ReflectionHelper to execute reflection calls which otherwise would be no allowed. To prevent this we need a Validator specific permission type. Something like this:

Environment

None

Status

Assignee

Gunnar Morling

Reporter

Hardy Ferentschik

Labels

None

Feedback Requested

None

Feedback Requested By

None

backPortable

None

Suitable for new contributors

None

Pull Request

None

backportDecision

None

backportReEvaluate

None

Components

Affects versions

Priority

Major
Configure