policeman-tools · uschindler · Nov 14, 2015 · Nov 8, 2015 · Nov 11, 2015 · Nov 12, 2015
diff --git a/build.xml b/build.xml
@@ -477,6 +477,7 @@
       <bundledsignatures name="jdk-unsafe-${build.java.runtime}"/>
       <bundledsignatures name="jdk-deprecated-${build.java.runtime}"/>
       <bundledsignatures name="jdk-system-out"/>
+      <bundledsignatures name="jdk-reflection"/>
     </forbiddenapis>
   </target>
 
@@ -649,4 +650,4 @@
   </target>
 
   <target name="jenkins" depends="clean,dist,test,documentation,-stage.snapshots" description="Runs Jenkins Nightly"/>
-</project>
+</project>
diff --git a/src/main/resources/de/thetaphi/forbiddenapis/signatures/jdk-reflection.txt b/src/main/resources/de/thetaphi/forbiddenapis/signatures/jdk-reflection.txt
@@ -0,0 +1,19 @@
+# (C) Copyright Uwe Schindler (Generics Policeman) and others.
+# Parts of this work are licensed to the Apache Software Foundation (ASF)
+# under one or more contributor license agreements.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+java.lang.reflect.AccessibleObject#setAccessible(java.lang.reflect.AccessibleObject[], boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
+java.lang.reflect.AccessibleObject#setAccessible(boolean) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
+java.lang.reflect.Method#invoke(java.lang.Object, java.lang.Object[]) @ Reflection usage fails with SecurityManagers and likely will not work any more in Java 9
diff --git a/src/test/antunit/OracleReflection.class b/src/test/antunit/OracleReflection.class
diff --git a/src/test/antunit/OracleReflection.java b/src/test/antunit/OracleReflection.java
@@ -0,0 +1,42 @@
+/*
+ * (C) Copyright Uwe Schindler (Generics Policeman) and others.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* The binary class file is packaged together with the source distribution.
+ */
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.*;
+
+class OracleReflection {
+  static Field test() throws Exception {
+    Class c = OracleReflection.class;
+    Field f = c.getDeclaredField("field1");
+    f.setAccessible(true);
+
+    Method m = c.getDeclaredMethod("testMethod");
+    m.setAccessible(true);
+    m.invoke(new OracleReflection());
+
+    return f;
+  }
+
+  private Integer field1;
+
+  private void testMethod() {
+    // nothing to do here
+  }
+}
diff --git a/src/test/antunit/TestOracleReflection.xml b/src/test/antunit/TestOracleReflection.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * (C) Copyright Uwe Schindler (Generics Policeman) and others.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+-->
+<project xmlns:au="antlib:org.apache.ant.antunit">
+
+  <target name="testReflection">
+    <au:expectfailure expectedMessage="Check for forbidden API calls failed, see log">
+      <forbiddenapis>
+        <bundledsignatures name="jdk-reflection"/>
+        <file file="OracleReflection.class"/>
+      </forbiddenapis>
+    </au:expectfailure>
+    <au:assertLogContains level="error" text="java.lang.reflect.AccessibleObject#setAccessible(boolean) [Reflection usage fails with SecurityManagers"/>
+    <au:assertLogContains level="error" text="java.lang.reflect.Method#invoke(java.lang.Object, java.lang.Object[]) [Reflection usage fails with SecurityManagers"/>
+    <au:assertLogContains level="error" text=" 3 error(s)"/> 
+  </target>
+
+</project>