HHH-12931 Revert "HHH-12542 - Add necessary privileged action blocks for SecurityManager used on WildFly."

This reverts commit d24685de67.

hibernate-core/src/main/java/org/hibernate/boot/cfgxml/internal/ConfigLoader.java

@@ -12,8 +12,6 @@ import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Properties;
 
 import org.hibernate.boot.cfgxml.spi.LoadedConfig;
@@ -50,34 +48,27 @@ public class ConfigLoader {
 	}
 
 	public LoadedConfig loadConfigXmlResource(String cfgXmlResourceName) {
-		final PrivilegedAction<JaxbCfgHibernateConfiguration> action = new PrivilegedAction<JaxbCfgHibernateConfiguration>() {
+		final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName );
-			@Override
+		if ( stream == null ) {
-			public JaxbCfgHibernateConfiguration run() {
+			throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" );
-				final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName );
+		}
-				if ( stream == null ) {
-					throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" );
-				}
 
-				try {
+		try {
-					return jaxbProcessorHolder.getValue().unmarshal(
+			final JaxbCfgHibernateConfiguration jaxbCfg = jaxbProcessorHolder.getValue().unmarshal(
-							stream,
+					stream,
-							new Origin( SourceType.RESOURCE, cfgXmlResourceName )
+					new Origin( SourceType.RESOURCE, cfgXmlResourceName )
-					);
+			);
-				}
+
-				finally {
+			return LoadedConfig.consume( jaxbCfg );
-					try {
+		}
-						stream.close();
+		finally {
-					}
+			try {
-					catch ( IOException e ) {
+				stream.close();
-						log.debug( "Unable to close cfg.xml resource stream", e );
-					}
-				}
 			}
-		};
+			catch (IOException e) {
-
+				log.debug( "Unable to close cfg.xml resource stream", e );
-		return LoadedConfig.consume(
+			}
-				System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run()
+		}
-		);
 	}
 
 	public LoadedConfig loadConfigXmlFile(File cfgXmlFile) {

hibernate-core/src/main/java/org/hibernate/boot/jaxb/internal/AbstractBinder.java

@@ -7,9 +7,6 @@
 package org.hibernate.boot.jaxb.internal;
 
 import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
@@ -101,15 +98,8 @@ public abstract class AbstractBinder implements Binder {
 
 	private Binding doBind(XMLEventReader eventReader, Origin origin) {
 		try {
-			final PrivilegedAction<Binding> action = new PrivilegedAction<Binding>() {
+			final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin );
-				@Override
+			return doBind( eventReader, rootElementStartEvent, origin );
-				public Binding run() {
-					final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin );
-					return doBind( eventReader, rootElementStartEvent, origin );
-				}
-			};
-
-			return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 		}
 		finally {
 			try {

hibernate-core/src/main/java/org/hibernate/boot/registry/classloading/internal/ClassLoaderServiceImpl.java

@@ -83,16 +83,11 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
 		orderedClassLoaderSet.add( ClassLoaderServiceImpl.class.getClassLoader() );
 
 		// now build the aggregated class loader...
-		final PrivilegedAction<AggregatedClassLoader> action = new PrivilegedAction<AggregatedClassLoader>() {
+		this.aggregatedClassLoader = AccessController.doPrivileged( new PrivilegedAction<AggregatedClassLoader>() {
-			@Override
 			public AggregatedClassLoader run() {
 				return new AggregatedClassLoader( orderedClassLoaderSet, lookupPrecedence );
 			}
-		};
+		} );
-
-		this.aggregatedClassLoader = System.getSecurityManager() != null
-				? AccessController.doPrivileged( action )
-				: action.run();
 	}
 
 	/**
@@ -352,62 +347,49 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
 	@Override
 	@SuppressWarnings({"unchecked"})
 	public <T> Class<T> classForName(String className) {
-		final PrivilegedAction<Class<T>> action = new PrivilegedAction<Class<T>>() {
+		try {
-			@Override
+			return (Class<T>) Class.forName( className, true, getAggregatedClassLoader() );
-			public Class<T> run() {
+		}
-				try {
+		catch (Exception e) {
-					return (Class<T>) Class.forName( className, true, getAggregatedClassLoader() );
+			throw new ClassLoadingException( "Unable to load class [" + className + "]", e );
-				}
+		}
-				catch (Exception e) {
+		catch (LinkageError e) {
-					throw new ClassLoadingException( "Unable to load class [" + className + "]", e );
+			throw new ClassLoadingException( "Unable to load class [" + className + "]", e );
-				}
+		}
-				catch (LinkageError e) {
-					throw new ClassLoadingException( "Unable to load class [" + className + "]", e );
-				}
-			}
-		};
-
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	@Override
-	public URL locateResource(final String name) {
+	public URL locateResource(String name) {
-		final PrivilegedAction<URL> action = new PrivilegedAction<URL>() {
+		// first we try name as a URL
-			@Override
+		try {
-			public URL run() {
+			return new URL( name );
-				try {
+		}
-					return new URL( name );
+		catch (Exception ignore) {
-				}
+		}
-				catch (Exception ignore) {
-				}
 
-				try {
+		try {
-					final URL url = getAggregatedClassLoader().getResource( name );
+			final URL url = getAggregatedClassLoader().getResource( name );
-					if ( url != null ) {
+			if ( url != null ) {
-						return url;
+				return url;
-					}
-				}
-				catch (Exception ignore) {
-				}
-
-				if ( name.startsWith( "/" ) ) {
-					final String resourceName = name.substring( 1 );
-
-					try {
-						final URL url = getAggregatedClassLoader().getResource( resourceName );
-						if ( url != null ) {
-							return url;
-						}
-					}
-					catch (Exception ignore) {
-					}
-				}
-
-				return null;
 			}
-		};
+		}
+		catch (Exception ignore) {
+		}
 
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
+		if ( name.startsWith( "/" ) ) {
+			name = name.substring( 1 );
+
+			try {
+				final URL url = getAggregatedClassLoader().getResource( name );
+				if ( url != null ) {
+					return url;
+				}
+			}
+			catch (Exception ignore) {
+			}
+		}
+
+		return null;
 	}
 
 	@Override
@@ -474,22 +456,16 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
 	@Override
 	@SuppressWarnings("unchecked")
 	public <S> Collection<S> loadJavaServices(Class<S> serviceContract) {
-		final PrivilegedAction<Collection<S>> action = new PrivilegedAction<Collection<S>>() {
+		ServiceLoader<S> serviceLoader = serviceLoaders.get( serviceContract );
-			@Override
+		if ( serviceLoader == null ) {
-			public Collection<S> run() {
+			serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() );
-				ServiceLoader<S> serviceLoader = serviceLoaders.get( serviceContract );
+			serviceLoaders.put( serviceContract, serviceLoader );
-				if ( serviceLoader == null ) {
+		}
-					serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() );
+		final LinkedHashSet<S> services = new LinkedHashSet<S>();
-					serviceLoaders.put( serviceContract, serviceLoader );
+		for ( S service : serviceLoader ) {
-				}
+			services.add( service );
-				final LinkedHashSet<S> services = new LinkedHashSet<S>();
+		}
-				for ( S service : serviceLoader ) {
+		return services;
-					services.add( service );
-				}
-				return services;
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	@Override
@@ -504,13 +480,7 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
 
 	@Override
 	public <T> T workWithClassLoader(Work<T> work) {
-		final PrivilegedAction<T> action = new PrivilegedAction<T>() {
+		return work.doWork( getAggregatedClassLoader() );
-			@Override
-			public T run() {
-				return work.doWork( getAggregatedClassLoader() );
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	private ClassLoader getAggregatedClassLoader() {

hibernate-core/src/main/java/org/hibernate/internal/util/ConfigHelper.java

@@ -10,8 +10,6 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.net.MalformedURLException;
 import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 
 import org.hibernate.HibernateException;
 import org.hibernate.cfg.Environment;
@@ -115,33 +113,28 @@ public final class ConfigHelper {
 	}
 
 	public static InputStream getResourceAsStream(String resource) {
-		final PrivilegedAction<InputStream> action = new PrivilegedAction<InputStream>() {
+		String stripped = resource.startsWith( "/" )
-			@Override
+				? resource.substring( 1 )
-			public InputStream run() {
+				: resource;
-				String stripped = resource.startsWith( "/" )
-						? resource.substring( 1 )
-						: resource;
 
-				InputStream stream = null;
+		InputStream stream = null;
-				ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
+		ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
-				if ( classLoader != null ) {
+		if ( classLoader != null ) {
-					stream = classLoader.getResourceAsStream( stripped );
+			stream = classLoader.getResourceAsStream( stripped );
-				}
+		}
-				if ( stream == null ) {
+		if ( stream == null ) {
-					stream = Environment.class.getResourceAsStream( resource );
+			stream = Environment.class.getResourceAsStream( resource );
-				}
+		}
-				if ( stream == null ) {
+		if ( stream == null ) {
-					stream = Environment.class.getClassLoader().getResourceAsStream( stripped );
+			stream = Environment.class.getClassLoader().getResourceAsStream( stripped );
-				}
+		}
-				if ( stream == null ) {
+		if ( stream == null ) {
-					throw new HibernateException( resource + " not found" );
+			throw new HibernateException( resource + " not found" );
-				}
+		}
-				return stream;
+		return stream;
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
+
 	public static InputStream getUserResourceAsStream(String resource) {
 		boolean hasLeadingSlash = resource.startsWith( "/" );
 		String stripped = hasLeadingSlash ? resource.substring( 1 ) : resource;

hibernate-core/src/main/java/org/hibernate/internal/util/ReflectHelper.java

@@ -13,8 +13,6 @@ import java.lang.reflect.Field;
 import java.lang.reflect.Member;
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Locale;
 import java.util.regex.Pattern;
 import javax.persistence.Transient;
@@ -237,14 +235,7 @@ public final class ReflectHelper {
 	}
 
 	private static Getter getter(Class clazz, String name) throws MappingException {
-		final PrivilegedAction<Getter> action = new PrivilegedAction<Getter>() {
+		return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter();
-			@Override
-			public Getter run() {
-				return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter();
-			}
-		};
-
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	public static Object getConstantValue(String name, SessionFactoryImplementor factory) {
@@ -281,23 +272,16 @@ public final class ReflectHelper {
 			return null;
 		}
 
-		final PrivilegedAction<Constructor> action = new PrivilegedAction<Constructor>() {
+		try {
-			@Override
+			Constructor<T> constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE );
-			public Constructor run() {
+			ensureAccessibility( constructor );
-				try {
+			return constructor;
-					Constructor<T> constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE );
+		}
-					ensureAccessibility( constructor );
+		catch ( NoSuchMethodException nme ) {
-					return constructor;
+			throw new PropertyNotFoundException(
-				}
+					"Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor"
-				catch (NoSuchMethodException e) {
+			);
-					throw new PropertyNotFoundException(
+		}
-							"Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor"
-					);
-				}
-			}
-		};
-
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	/**
@@ -364,19 +348,12 @@ public final class ReflectHelper {
 	}
 
 	public static Method getMethod(Class clazz, Method method) {
-		final PrivilegedAction<Method> action = new PrivilegedAction<Method>() {
+		try {
-			@Override
+			return clazz.getMethod( method.getName(), method.getParameterTypes() );
-			public Method run() {
+		}
-				try {
+		catch (Exception e) {
-					return clazz.getMethod( method.getName(), method.getParameterTypes() );
+			return null;
-				}
+		}
-				catch (Exception e){
-					return null;
-				}
-			}
-		};
-
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	public static Field findField(Class containerClass, String propertyName) {
@@ -387,14 +364,8 @@ public final class ReflectHelper {
 			throw new IllegalArgumentException( "Illegal attempt to locate field [" + propertyName + "] on Object.class" );
 		}
 
-		final PrivilegedAction<Field> action = new PrivilegedAction<Field>() {
+		Field field = locateField( containerClass, propertyName );
-			@Override
-			public Field run() {
-				return locateField( containerClass, propertyName );
-			}
-		};
 
-		final Field field = System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 		if ( field == null ) {
 			throw new PropertyNotFoundException(
 					String.format(
@@ -412,22 +383,11 @@ public final class ReflectHelper {
 	}
 
 	public static void ensureAccessibility(AccessibleObject accessibleObject) {
-		final PrivilegedAction<Object> action = new PrivilegedAction<Object>() {
+		if ( accessibleObject.isAccessible() ) {
-			@Override
+			return;
-			public Object run() {
+		}
-				if ( !accessibleObject.isAccessible() ) {
-					accessibleObject.setAccessible( true );
-				}
-				return null;
-			}
-		};
 
-		if ( System.getSecurityManager() != null ) {
+		accessibleObject.setAccessible( true );
-			AccessController.doPrivileged( action );
-		}
-		else {
-			action.run();
-		}
 	}
 
 	private static Field locateField(Class clazz, String propertyName) {
@@ -502,7 +462,7 @@ public final class ReflectHelper {
 	}
 
 	private static Method getGetterOrNull(Class containerClass, String propertyName) {
-		for ( Method method : getDeclaredMethods( containerClass ) ) {
+		for ( Method method : containerClass.getDeclaredMethods() ) {
 			// if the method has parameters, skip it
 			if ( method.getParameterCount() != 0 ) {
 				continue;
@@ -553,39 +513,17 @@ public final class ReflectHelper {
 			String propertyName,
 			Method getMethod,
 			String stemName) {
-		final Method isMethod = getDeclaredMethod( containerClass, "is" + stemName );
+		// verify that the Class does not also define a method with the same stem name with 'is'
-		if ( isMethod != null ) {
+		try {
+			final Method isMethod = containerClass.getDeclaredMethod( "is" + stemName );
 			if ( !Modifier.isStatic( isMethod.getModifiers() ) && isMethod.getAnnotation( Transient.class ) == null ) {
 				// No such method should throw the caught exception.  So if we get here, there was
 				// such a method.
 				checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod );
 			}
 		}
-	}
+		catch (NoSuchMethodException ignore) {
-
+		}
-	private static Method getDeclaredMethod(Class containerClass, String methodName) {
-		final PrivilegedAction<Method> action = new PrivilegedAction<Method>() {
-			@Override
-			public Method run() {
-				try {
-					return containerClass.getDeclaredMethod( methodName );
-				}
-				catch (NoSuchMethodException ignore) {
-					return null;
-				}
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
-	}
-
-	private static Method[] getDeclaredMethods(Class containerClass) {
-		final PrivilegedAction<Method[]> action = new PrivilegedAction<Method[]>() {
-			@Override
-			public Method[] run() {
-				return containerClass.getDeclaredMethods();
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	private static void checkGetAndIsVariants(
@@ -616,14 +554,16 @@ public final class ReflectHelper {
 			Method isMethod,
 			String stemName) {
 		// verify that the Class does not also define a method with the same stem name with 'is'
-		final Method getMethod = getDeclaredMethod( containerClass, "get" + stemName );
+		try {
-		if ( getMethod != null ) {
+			final Method getMethod = containerClass.getDeclaredMethod( "get" + stemName );
 			// No such method should throw the caught exception.  So if we get here, there was
 			// such a method.
 			if ( !Modifier.isStatic( getMethod.getModifiers() ) && getMethod.getAnnotation( Transient.class ) == null ) {
 				checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod );
 			}
 		}
+		catch (NoSuchMethodException ignore) {
+		}
 	}
 
 	public static Method getterMethodOrNull(Class containerJavaType, String propertyName) {
@@ -691,7 +631,7 @@ public final class ReflectHelper {
 	private static Method setterOrNull(Class theClass, String propertyName, Class propertyType) {
 		Method potentialSetter = null;
 
-		for ( Method method : getDeclaredMethods( theClass ) ) {
+		for ( Method method : theClass.getDeclaredMethods() ) {
 			final String methodName = method.getName();
 			if ( method.getParameterCount() == 1 && methodName.startsWith( "set" ) ) {
 				final String testOldMethod = methodName.substring( 3 );
@@ -716,7 +656,7 @@ public final class ReflectHelper {
 	 * as an abstract - but again, that is such an edge case...
 	 */
 	public static Method findGetterMethodForFieldAccess(Field field, String propertyName) {
-		for ( Method method : getDeclaredMethods( field.getDeclaringClass() ) ) {
+		for ( Method method : field.getDeclaringClass().getDeclaredMethods() ) {
 			// if the method has parameters, skip it
 			if ( method.getParameterCount() != 0 ) {
 				continue;

hibernate-core/src/main/java/org/hibernate/jpa/event/internal/CallbackBuilderLegacyImpl.java

@@ -10,8 +10,6 @@ import java.lang.annotation.Annotation;
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Target;
 import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.List;
 import javax.persistence.Entity;
@@ -74,7 +72,6 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
 					}
 					continue;
 				}
-
 				final Callback[] callbacks = resolveEntityCallbacks( entityXClass, callbackType, reflectionManager );
 				callbackRegistrar.registerCallbacks( entityClass, callbacks );
 			}
@@ -122,7 +119,7 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
 		final boolean debugEnabled = log.isDebugEnabled();
 		do {
 			Callback callback = null;
-			List<XMethod> methods = getDeclaredMethods( currentClazz );
+			List<XMethod> methods = currentClazz.getDeclaredMethods();
 			for ( final XMethod xMethod : methods ) {
 				if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) {
 					Method method = reflectionManager.toMethod( xMethod );
@@ -193,7 +190,7 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
 			if ( listener != null ) {
 				XClass xListener = reflectionManager.toXClass( listener );
 				callbacksMethodNames = new ArrayList<>();
-				List<XMethod> methods = getDeclaredMethods( xListener );
+				List<XMethod> methods = xListener.getDeclaredMethods();
 				for ( final XMethod xMethod : methods ) {
 					if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) {
 						final Method method = reflectionManager.toMethod( xMethod );
@@ -341,14 +338,4 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
 			}
 		}
 	}
-
-	private static List<XMethod> getDeclaredMethods(XClass clazz) {
-		final PrivilegedAction<List<XMethod>> action = new PrivilegedAction<List<XMethod>>() {
-			@Override
-			public List<XMethod> run() {
-				return clazz.getDeclaredMethods();
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
-	}
 }

hibernate-core/src/main/java/org/hibernate/metamodel/internal/MetadataContext.java

@@ -7,8 +7,6 @@
 package org.hibernate.metamodel.internal;
 
 import java.lang.reflect.Field;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -378,26 +376,13 @@ class MetadataContext {
 			return;
 		}
 		final String metamodelClassName = managedTypeClass.getName() + '_';
-
+		try {
-		final PrivilegedAction<Object> action = new PrivilegedAction<Object>() {
+			final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() );
-			@Override
+			// we found the class; so populate it...
-			public Object run() {
+			registerAttributes( metamodelClass, managedType );
-				try {
-					final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() );
-					// we found the class; so populate it...
-					registerAttributes( metamodelClass, managedType );
-				}
-				catch (ClassNotFoundException ignore) {
-					// nothing to do...
-				}
-				return null;
-			}
-		};
-		if ( System.getSecurityManager() != null ) {
-			AccessController.doPrivileged( action );
 		}
-		else {
+		catch (ClassNotFoundException ignore) {
-			action.run();
+			// nothing to do...
 		}
 
 		// todo : this does not account for @MappeSuperclass, mainly because this is not being tracked in our

hibernate-core/src/main/java/org/hibernate/tuple/entity/PojoEntityTuplizer.java

@@ -8,8 +8,6 @@ package org.hibernate.tuple.entity;
 
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
@@ -159,31 +157,24 @@ public class PojoEntityTuplizer extends AbstractEntityTuplizer {
 				null :
 				ReflectHelper.getMethod( proxyInterface, idSetterMethod );
 
-		final PrivilegedAction<ProxyFactory> action = new PrivilegedAction<ProxyFactory>() {
+		ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter );
-			@Override
+		try {
-			public ProxyFactory run() {
+			pf.postInstantiate(
-				ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter );
+					getEntityName(),
-				try {
+					mappedClass,
-					pf.postInstantiate(
+					proxyInterfaces,
-							getEntityName(),
+					proxyGetIdentifierMethod,
-							mappedClass,
+					proxySetIdentifierMethod,
-							proxyInterfaces,
+					persistentClass.hasEmbeddedIdentifier() ?
-							proxyGetIdentifierMethod,
+							(CompositeType) persistentClass.getIdentifier().getType() :
-							proxySetIdentifierMethod,
+							null
-							persistentClass.hasEmbeddedIdentifier() ?
+			);
-									(CompositeType) persistentClass.getIdentifier().getType() :
+		}
-									null
+		catch (HibernateException he) {
-					);
+			LOG.unableToCreateProxyFactory( getEntityName(), he );
-				}
+			pf = null;
-				catch (HibernateException he) {
+		}
-					LOG.unableToCreateProxyFactory( getEntityName(), he );
+		return pf;
-					pf = null;
-				}
-				return pf;
-			}
-		};
-
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
 	}
 
 	protected ProxyFactory buildProxyFactoryInternal(

hibernate-envers/src/main/java/org/hibernate/envers/configuration/internal/metadata/reader/AuditedPropertiesReader.java

@@ -7,8 +7,6 @@
 package org.hibernate.envers.configuration.internal.metadata.reader;
 
 import java.lang.annotation.Annotation;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Iterator;
@@ -49,7 +47,6 @@ import org.hibernate.loader.PropertyPath;
 import org.hibernate.mapping.Component;
 import org.hibernate.mapping.Property;
 import org.hibernate.mapping.Value;
-
 import org.jboss.logging.Logger;
 
 import static org.hibernate.envers.internal.tools.Tools.newHashMap;
@@ -357,47 +354,26 @@ public class AuditedPropertiesReader {
 
 		//look in the class
 		addFromProperties(
-				getPropertiesFromClassByType( clazz, AccessType.FIELD ),
+				clazz.getDeclaredProperties( "field" ),
 				it -> "field",
 				fieldAccessedPersistentProperties,
 				allClassAudited
 		);
-
 		addFromProperties(
-				getPropertiesFromClassByType( clazz, AccessType.PROPERTY ),
+				clazz.getDeclaredProperties( "property" ),
 				propertyAccessedPersistentProperties::get,
 				propertyAccessedPersistentProperties.keySet(),
 				allClassAudited
 		);
 
 		if ( allClassAudited != null || !auditedPropertiesHolder.isEmpty() ) {
-			final PrivilegedAction<XClass> action = new PrivilegedAction<XClass>() {
+			final XClass superclazz = clazz.getSuperclass();
-				@Override
-				public XClass run() {
-					return clazz.getSuperclass();
-				}
-			};
-
-			final XClass superclazz = System.getSecurityManager() != null
-					? AccessController.doPrivileged( action )
-					: action.run();
-
 			if ( !clazz.isInterface() && !"java.lang.Object".equals( superclazz.getName() ) ) {
 				addPropertiesFromClass( superclazz );
 			}
 		}
 	}
 
-	private Iterable<XProperty> getPropertiesFromClassByType(XClass clazz, AccessType accessType) {
-		final PrivilegedAction<Iterable<XProperty>> action = new PrivilegedAction<Iterable<XProperty>>() {
-			@Override
-			public Iterable<XProperty> run() {
-				return clazz.getDeclaredProperties( accessType.getType() );
-			}
-		};
-		return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
-	}
-
 	private void addFromProperties(
 			Iterable<XProperty> properties,
 			Function<String, String> accessTypeProvider,