
Understanding AccessController.doPrivileged() in Java 8, 17, and 21

Introduction

In Java, security and permission management have been crucial components for building secure applications. One such API that developers have relied on for decades is the AccessController.doPrivileged() method. However, with the evolution of the Java platform, particularly in Java 17 and Java 21, significant changes have been made to this API. This blog will provide a comprehensive understanding of what AccessController.doPrivileged() does, how its behavior has changed over different Java versions, and what developers should do moving forward.


What is AccessController.doPrivileged()?

The AccessController.doPrivileged() method allows code to be executed with elevated privileges, bypassing the current AccessControlContext of the calling code.

Why is it Needed?

When sensitive operations like reading system properties, accessing files, or performing reflection are required, Java’s SecurityManager may block these actions. To allow trusted code to perform these operations, developers use AccessController.doPrivileged() to execute code with higher privileges.

Example:

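import java.security.AccessController;
import java.security.PrivilegedAction;

// Read the user.home system property inside a privileged block
String home = AccessController.doPrivileged(
    (PrivilegedAction<String>) () -> System.getProperty("user.home")
);
System.out.println(home);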

How It Worked in Java 8

In Java 8, AccessController.doPrivileged() worked as expected:

  • It granted elevated permissions to the enclosed action.
  • If the SecurityManager was enabled, it would bypass permission checks.
  • Trusted code could perform actions that untrusted code could not.

✅ Output:

/home/user

Changes in Java 17

Starting with Java 17, AccessController.doPrivileged() was deprecated as part of the broader deprecation of the SecurityManager.

However, the method still worked with a warning, allowing developers to migrate their applications.


What Happens in Java 21?

In Java 21, the SecurityManager was completely removed, making AccessController.doPrivileged() effectively a no-op.

If you use this method in Java 21:

String home = AccessController.doPrivileged(
    (PrivilegedAction<String>) () -> System.getProperty("user.home")
);
System.out.println(home);

It will simply execute the lambda code without throwing any exception or elevating permissions.


What Happens Internally?

The method acts like this:

public static <T> T doPrivileged(PrivilegedAction<T> action) {
    return action.run(); // No elevated privileges
}

✅ Output in Java 21:

/home/user

However, if your code relies on elevated privileges (e.g., reading restricted files), it will fail silently without any security checks.

What Should Developers Do Now?

If you’re upgrading to Java 21 or writing new applications:

  • Remove all instances of AccessController.doPrivileged().
  • Review your security policies.
  • If you need fine-grained permission management, migrate to Java modules (JPMS) or third-party libraries.
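
One part of removing doPrivileged() that the list above does not spell out, shown as an added example (not code from the original post; the class and method names are hypothetical): when the action is a PrivilegedExceptionAction, checked exceptions arrive wrapped in PrivilegedActionException, so the catch blocks change along with the call. The sample file is constructed at run time.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// Hypothetical class and method names, used only for this illustration.
public class DoPrivilegedMigration {

    // Before: checked exceptions from the action arrive wrapped in
    // PrivilegedActionException and must be unwrapped by the caller.
    @SuppressWarnings("removal") // AccessController is deprecated for removal since Java 17
    static String readLegacy(Path file) throws IOException {
        try {
            return AccessController.doPrivileged((PrivilegedExceptionAction<String>) () ->
                    new String(Files.readAllBytes(file), StandardCharsets.UTF_8));
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException(); // the action only throws IOException
        }
    }

    // After: the same operation called directly; the IOException propagates unwrapped.
    static String readMigrated(Path file) throws IOException {
        return new String(Files.readAllBytes(file), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws IOException {
        Path sample = Files.createTempFile("doprivileged-demo", ".txt"); // constructed sample input
        Files.write(sample, "constructed sample".getBytes(StandardCharsets.UTF_8));
        System.out.println("same content: " + readLegacy(sample).equals(readMigrated(sample)));
        Files.delete(sample);

        // Failure path: both versions must surface the same exception type to callers.
        try { readLegacy(sample); } catch (NoSuchFileException e) { System.out.println("legacy:   " + e); }
        try { readMigrated(sample); } catch (NoSuchFileException e) { System.out.println("migrated: " + e); }
    }
}
```

Unchecked exceptions thrown by the action are never wrapped, so only handlers for PrivilegedActionException need rewriting during the migration.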
