In my previous article I had explained how to make a class immutable. Taking that as an example, it shows how do you write a perfectly immutable class. However, there is a catch. And that is reflection. Since one can access and modify private fields through reflection, it can break the sanctity of the immutable object.
If you execute this code:
Immutable obj = new Immutable(1, "yadav", address, addressList); Field nameField = obj.getClass().getDeclaredField("name"); nameField.setAccessible(true); nameField.set(obj, "ankit");
it breaks the whole concept of immutability. Fortunately, there is a fix as well. You only need to provide a custom securitymanager. So that, when there is any breach, program will throw an exception instead of breaking the immutability.
Something similar to this code will help fix this:
System.setSecurityManager(new SecurityManager() { @Override public void checkPermission(Permission perm) { if ("suppressAccessChecks".equals(perm.getName())) { throw new SecurityException("Security Violation on SupressAccessChecks"); } } });