java qr code reader DetectEJBViolations.java: ensuring EJB policy enforcement in Java

Maker QR Code JIS X 0510 in Java DetectEJBViolations.java: ensuring EJB policy enforcement

Listing 6.5 DetectEJBViolations.java: ensuring EJB policy enforcement
QR Creator In Java
Using Barcode creation for Java Control to generate, create QR Code ISO/IEC18004 image in Java applications.
www.OnBarcode.com
QR Code Scanner In Java
Using Barcode reader for Java Control to read, scan read, scan image in Java applications.
www.OnBarcode.com
import javax.ejb.*; public aspect DetectEJBViolations { pointcut uiCalls() : call(* java.awt.*+.*(..)); declare error : uiCalls() && within(EnterpriseBean+) : "UI calls are not allowed from EJB beans.\n See EJB 2.0 specification section 24.1.2";
Print QR Code In Java
Using Barcode maker for Java Control to generate, create QR Code image in Java applications.
www.OnBarcode.com
GTIN - 13 Generator In Java
Using Barcode printer for Java Control to generate, create EAN13 image in Java applications.
www.OnBarcode.com
For information on EJB antipatterns, please refer to Bruce Tate et al, Bitter EJB (Greenwich, CT: Manning, 2003).
Print Matrix Barcode In Java
Using Barcode drawer for Java Control to generate, create 2D Barcode image in Java applications.
www.OnBarcode.com
Drawing USS Code 128 In Java
Using Barcode generation for Java Control to generate, create Code 128 Code Set C image in Java applications.
www.OnBarcode.com
Policy enforcement: system wide contracts
PDF 417 Creation In Java
Using Barcode generator for Java Control to generate, create PDF 417 image in Java applications.
www.OnBarcode.com
Encode USPS Confirm Service Barcode In Java
Using Barcode printer for Java Control to generate, create Planet image in Java applications.
www.OnBarcode.com
before() : uiCalls() && cflow(call(* EnterpriseBean+.*(..))) { System.out.println("Detected call to AWT from enterprise bean"); System.out.println("See EJB 2.0 specification section 24.1.2"); Thread.dumpStack(); } // Similar implementation of other programming restrictions: // Socket, file i/o, native library loading, keyboard input // thread methods access, reflection etc. pointcut staticMemberAccess() : set(static * EnterpriseBean+.*); declare error : staticMemberAccess() : "EJBs are not allowed to have nonfinal static variables.\n See EJB 2.0 specification section 24.1.2";
Print QR Code In None
Using Barcode maker for Office Word Control to generate, create QR-Code image in Microsoft Word applications.
www.OnBarcode.com
QR-Code Generation In None
Using Barcode drawer for Online Control to generate, create QR-Code image in Online applications.
www.OnBarcode.com
If you are involved in development using EJB, you can use the aspect in listing 6.5 as a template and extend it for other restrictions. Once you have the enforcement aspects ready, you can compile them along with your other classes and watch how much time it saves you in the laborious task of reviewing the code, and how it ensures better quality for your deployed system. Either you will see violations (and then you can fix the problems) or you will see no violations (and you can feel more confident about your code). As an example, consider listing 6.6, which violates some of the EJB programming restrictions.
Decoding UPC-A In Visual Basic .NET
Using Barcode recognizer for .NET Control to read, scan read, scan image in Visual Studio .NET applications.
www.OnBarcode.com
Barcode Drawer In VS .NET
Using Barcode creator for VS .NET Control to generate, create Barcode image in .NET applications.
www.OnBarcode.com
Listing 6.6 ViolationBean.java: a bean that violates the EJB rules
Barcode Generation In VB.NET
Using Barcode generator for VS .NET Control to generate, create Barcode image in .NET applications.
www.OnBarcode.com
Creating Barcode In Objective-C
Using Barcode generator for iPhone Control to generate, create Barcode image in iPhone applications.
www.OnBarcode.com
package customer; import javax.ejb.*; import javax.naming.*; public abstract class ViolationBean implements EntityBean { private static int _subscriptionCount = 0; // ... public void addSubscription (String subscriptionKey) { try { Context ic = new InitialContext(); // ... } catch (Exception ex) { javax.swing.JOptionPane.showMessageDialog(null, "Exception while adding subscription");
Paint Linear Barcode In Visual C#.NET
Using Barcode maker for .NET framework Control to generate, create Linear 1D Barcode image in VS .NET applications.
www.OnBarcode.com
GTIN - 13 Recognizer In Java
Using Barcode scanner for Java Control to read, scan read, scan image in Java applications.
www.OnBarcode.com
Example: implementing EJB programming restrictions
Encoding Denso QR Bar Code In .NET Framework
Using Barcode generator for ASP.NET Control to generate, create Denso QR Bar Code image in ASP.NET applications.
www.OnBarcode.com
Making PDF-417 2d Barcode In Java
Using Barcode generator for Android Control to generate, create PDF417 image in Android applications.
www.OnBarcode.com
ex.printStackTrace(); } _subscriptionCount++; } // ... }
EAN-13 Encoder In .NET
Using Barcode encoder for Reporting Service Control to generate, create GTIN - 13 image in Reporting Service applications.
www.OnBarcode.com
Recognize Code-39 In None
Using Barcode decoder for Software Control to read, scan read, scan image in Software applications.
www.OnBarcode.com
When we compile the ViolationBean class along with the DetectEJBViolations aspect, we get the following output:
> ajc DetectEJBViolations.java customer\*.java F:\aspectj-book\ch06\section6.5\customer\ViolationBean.java:7 EJBs are not allowed to have non-final static variables. See EJB 2.0 specification section 24.1.2 F:\aspectj-book\ch06\section6.5\customer\ViolationBean.java:14 UI calls are not allowed from EJB beans. See EJB 2.0 specification section 24.1.2 F:\aspectj-book\ch06\section6.5\customer\ViolationBean.java:18 EJBs are not allowed to have non-final static variables. See EJB 2.0 specification section 24.1.2 3 errors
Let s now get into the details of how the DetectEJBViolations aspect implements various enforcement policies. In the next two sections, we look at each of the enforced policies separately. 6.5.1 Implementing no AWT The first EJB restriction we will examine disallows calls to AWT methods. In the following code snippet, we use a pointcut to capture join points that correspond to calls to AWT methods, and declare the occurrence of any such join point in any subclass of EnterpriseBean to be an error:
pointcut uiCalls() : call(* java.awt..*+.*(..)); declare error : uiCalls() && within(EnterpriseBean+) : "UI calls are not allowed from EJB beans. See EJB 2.0 specification section 24.1.2";
This code simply says: If a call to any method in any class extending any class in java.awt or its subpackage is made from within any class implementing javax. ejb.EnterpriseBean, declare it an error.
Policy enforcement: system wide contracts
This is probably over-restrictive because it is OK to access classes such as java.awt.Rectangle. Nevertheless, we would rather err on the side of safety. It is easy to later exclude a few classes from restrictions by modifying the uiCalls() pointcut to not capture the join points for the classes to be excluded. When the aspect detects a violation, it prints a message like the following:
F:\aspectj-book\ch06\section6.5\customer\ViolationBean.java:16 UI calls are not allowed from EJB beans. See EJB 2.0 specification section 24.1.2
However, what if we do not call code in AWT directly, but rather through another class First, we should try to enumerate all the classes and packages that make UI calls and include those classes in the uiCalls() pointcut. This way, we will catch any violations at compile time and will not have to wait until we run the system for problems to occur. As a last resort, we can add the following advice in the aspect to check whether any of the methods control flow led to a call in AWT. Bear in mind, however, that this advice may not always catch the violations, since the code path leading to the violating calls may not be executed in a particular test sequence:
before() : uiCalls() && cflow(call(* EnterpriseBean+.*(..))) { System.out.println("Detected call to AWT from enterprise bean"); System.out.println("See EJB 2.0 specification section 24.1.2"); Thread.dumpStack(); }
In a similar fashion, you can implement other restrictions, such as no calls to Thread s methods, socket creation, System.in access, native library loading, or reflection use. For each such restriction, you will need to provide a pointcut definition to capture the join points corresponding to the restricted operations. You will also need to include a declare error clause for those pointcuts. To capture indirect calls, you will have to advise the join point occurring in the control flow of the bean method and log the violation. 6.5.2 Implementing no nonfinal static field access Another EJB programming restriction disallows the use of nonfinal static fields by a bean. This ensures the correctness of those fields when a bean moves from one VM to another. With AspectJ, you can indirectly capture this restriction by capturing write access to such fields. This solution does not implement the policy in exact terms, but it implements the spirit of it. The following snippet defines a pointcut that will capture write access to any static field in any subclass of EnterpriseBean and declare the access to be an error:
Copyright © OnBarcode.com . All rights reserved.