Class SecurityManagerHandler

java.lang.Object
edu.umd.cs.findbugs.util.SecurityManagerHandler

public class SecurityManagerHandler extends Object
Since Java 17, the security manager is deprecated for removal and invoking related methods causes a warning to be printed to the console. This intermediate disables the use of security manager-related APIs on Java 17 or later, unless using the security manager is explicitly configured by setting the edu.umd.cs.findbugs.securityManagerDisabled property.
  • Field Details

    • LOGGER

      private static final org.slf4j.Logger LOGGER
    • SECURITY_MANAGER_DISABLED

      private static final boolean SECURITY_MANAGER_DISABLED
      Determines if the security manager is used by SpotBugs.
  • Constructor Details

    • SecurityManagerHandler

      public SecurityManagerHandler()
  • Method Details

    • disableSecurityManager

      public static void disableSecurityManager()
      Disables the security manager by setting System.setSecurityManager(SecurityManager) to null.
    • doDisableSecurityManager

      private static void doDisableSecurityManager()
      This method is a safeguard for running this library on a JVM that might no longer include the security manager API after removal. As the JVM verifies methods lazily, and since this method will never be invoked, validation of this method with a missing type can never fail. As some environments do not support setting the security manager but always return null when getting it, we check if a security manager is set before disabling it.