Re: [JBoss-dev] Example of how careless handling of AOP pointcut expressions can screw you up good

Mon, 30 Jan 2006 12:31:09 -0800

Yeah, will need special IDE support for this. BTW, this is a often talked about problem in AOP land. And the only complete solution is an IDE. I guess what we could do is to validate that a class/method/field/constructor exists if the expression is fully qualitifed without wildcards. 

Ovidiu Feodorov wrote:


Yes, it does that. But not for the method name.

Bill Burke wrote:


FYI, if you refactor code with Intelllij, and have the AOP XML in your 
classpath, it will discover and change the XML for at least the 
classname.


Ovidiu Feodorov wrote:




Yes, that's why I said Tim does a very good job at surrounding the 
functionality he writes with test cases that check whether the 
expected good things happen, but also probe for potential bad things.


Adding lots of tests has two major benefits:

1. Provide you with a safety mesh. Thicker, the better, it may help 
you catch problems by exposing random interactions never thought 
about. Machines to run testsuites are cheap.
2. Help you better understand the functionality you write, help you 
discover edge cases and potential pitfalls, and quite often help you 
to find a better way to write the very functionality you're working on.



Writing tests increases the development time, but the benefits far 
exceed the drawbacks. Just think at a production down situation that 
can have been prevented by having the right (and trivial) test in place.



The Messaging project's capital sin is to modify/remove a 
semantically correct test :)


Scott M Stark wrote:


I would suspect that the tests simply asserted that someone could be
denied access. This is a general failing in the tests I see written.
Tests only assert that the expected good things happen. There are not

enough tests written to validate that bad behaviors are also 
constrained

to expected and recoverable behaviors.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Ovidiu Feodorov
Sent: Friday, January 27, 2006 11:44 AM
To: jboss-development@lists.sourceforge.net
Subject: [JBoss-dev] Example of how careless handling of AOP pointcut
expressions can screw you up good



A succinct example of how AOP pointcut expressions without proper 
tests and/or compile-time check tools can screw you up good:



JMS lets you create anonymous message producers, and for this case, 
security checks must be applied on each message send. The following 
pointcut expression enforces that:



  <bind pointcut="execution(* 
org.jboss.jms.server.endpoint.advised.ProducerAdvised->send(..))">
     <advice name="handleSend" 
aspect="org.jboss.jms.server.container.SecurityAspect"/>

  </bind>


Recently, the ProducerAdvised's send() method name and signature has 
been changed upon a refactoring:


$ cvs diff -r 1.3 -r 1.2 ProducerAdvised.java
Index: ProducerAdvised.java
===================================================================
RCS file:

/cvsroot/jboss/jboss-jms/src/main/org/jboss/jms/server/endpoint/advised/ 


ProducerAdvised.java,v
retrieving revision 1.3
retrieving revision 1.2
diff -r1.3 -r1.2

...

68c69
<    public void sendMessage(Message message) throws JMSException
---

 


  public void send(Destination destination, Message message, int

  



deliveryMode, int priority, long timeToLive) throws JMSException

...



As result, no security checks were applied anymore on individual 
message



sends for anonymous producers, leading to a very silent, subtle and 
potentially dangerous error condition.



Praises to Tim for adding test cases that helped us catch the 
problem on


our work benches and not in some customer's production environment.


Can the Eclipse AOP plugin help in catching this type of error at 
refactoring time?


Ovidiu



-------------------------------------------------------

This SF.net email is sponsored by: Splunk Inc. Do you grep through 
log files

for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=k&kid3432&bid#0486&dat1642
_______________________________________________
JBoss-Development mailing list
JBoss-Development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-development


 










-------------------------------------------------------

This SF.net email is sponsored by: Splunk Inc. Do you grep through log 
files

for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-Development mailing list
JBoss-Development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-development



--
Bill Burke
Chief Architect
JBoss Inc.


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-Development mailing list
JBoss-Development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-development






















					Reply via email to