Java 防止在类外调用私有(private)或 protected 方法

Question

假设我创建了一个名为 Foo 的 Java 库，并且在该库中有一个名为 Bar 的类。让我们进一步假设在 Bar 类中我有一个私有(private)方法，称为 fooBar。

public class Bar {
    //...
    private Object fooBar() {
        //Do something
    }
    //...
}

使用类中编写的代码可以毫无困难地运行此方法，如下所示:

public static Object runMethod(Object object, String methodName) {
    Method method = object.getClass().getDeclaredMethod(methodName);
    method.setAccessible(true);
    return method.invoke(object);
}

但是，让我们假设我们打算阻止 fooBar 的这种习惯。我们怎么能做那样的事情呢？我们是否应该从某个地方获取堆栈跟踪并检查调用它的位置？还是我们应该做点别的？

Answer 1

你需要一个安全管理器......

https://docs.oracle.com/javase/tutorial/essential/environment/security.html

A security manager is an object that defines a security policy for an application. This policy specifies actions that are unsafe or sensitive. Any actions not allowed by the security policy cause a SecurityException to be thrown. An application can also query its security manager to discover which actions are allowed.

它支持禁止 setAccessible() 通过反射调用私有(private)和 protected 方法。