Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

solution of security issue -> visibility level setId() ?  RSS feed

manuel aldana
Ranch Hand
Posts: 308
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

i am using surrogate primary keys on my persistent classes.
two things:
-i don't want to expose my setId() to my whole application ->i.e. nobody should be able to set it and this way "break" my model
-i want to use a security manager so accessing private setters and fields is prohibited

problem is that this way there are problems with hibernate, because it never will be able invoke setId() either.

i thought i could overcome this problem by setting visibility of setId() to protected, so hibernate (as it uses proxying by subclassing) can still access it.

now my questions:
1)is hibernate always using subclassing to get access to my class?
2)are there other ways to have security manager (reflection issues) enabled, protecting my fields/setters and hibernate still being working?
3)is it usual (at all) to switch on security manager when using hibernate?

thank you.
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!