Class SecurityManagerHandler


  • public class SecurityManagerHandler
    extends java.lang.Object
    Since Java 17, the security manager is deprecated for removal and invoking related methods causes a warning to be printed to the console. This intermediate disables the use of security manager-related APIs on Java 17 or later, unless using the security manager is explicitly configured by setting the edu.umd.cs.findbugs.securityManagerDisabled property.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private static org.slf4j.Logger LOGGER  
      private static boolean SECURITY_MANAGER_DISABLED
      Determines if the security manager is used by SpotBugs.
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void disableSecurityManager()
      Disables the security manager by setting System.setSecurityManager(SecurityManager) to null.
      private static void doDisableSecurityManager()
      This method is a safeguard for running this library on a JVM that might no longer include the security manager API after removal.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • LOGGER

        private static final org.slf4j.Logger LOGGER
      • SECURITY_MANAGER_DISABLED

        private static final boolean SECURITY_MANAGER_DISABLED
        Determines if the security manager is used by SpotBugs.
    • Constructor Detail

      • SecurityManagerHandler

        public SecurityManagerHandler()
    • Method Detail

      • disableSecurityManager

        public static void disableSecurityManager()
        Disables the security manager by setting System.setSecurityManager(SecurityManager) to null.
      • doDisableSecurityManager

        private static void doDisableSecurityManager()
        This method is a safeguard for running this library on a JVM that might no longer include the security manager API after removal. As the JVM verifies methods lazily, and since this method will never be invoked, validation of this method with a missing type can never fail. As some environments do not support setting the security manager but always return null when getting it, we check if a security manager is set before disabling it.