List of usage examples for org.aspectj.lang ProceedingJoinPoint getArgs
Object[] getArgs();
From source file:com.ideabase.repository.core.aspect.IndexEventAdvice.java
License:Open Source License
@Around("com.ideabase.repository.core.aspect.ArchitecturePointcuts.indexOperation()") public Object aroundOperation(final ProceedingJoinPoint pProceedingJoinPoint) throws Throwable { // Determine source class and mehtod. final Signature signature = pProceedingJoinPoint.getSignature(); final Class signatureClass = signature.getDeclaringType(); final String signatureMethod = signature.getName(); final Object[] arguments = pProceedingJoinPoint.getArgs(); // Execute the operation final Object returned = pProceedingJoinPoint.proceed(); // publish event addEvent(signatureClass, signatureMethod, arguments); // Return the executed output. return returned; }
From source file:com.ideabase.repository.webservice.advice.WebAuthenticationAndAuthorizationAdvice.java
License:Open Source License
/** * Retrieve {@see RESTfulController} and http request response object.<Br> * verify whether user session contains the valid {@see Subject} object.<br> * if user is already authenticated, verify user authorization.<br> * if user is authorized, invoke {@code processAuthorizedAction} method from * {@see RESTfulController}.<br>// w w w .j av a2s. c om * otherwise invoke {@code processUnauthorizedAction} method.<br> * * @param pProceedingJoinPoint intermediate join point state. */ @Around("com.ideabase.repository.core.aspect.ArchitecturePointcuts." + "webServiceOperation()") public void verifyAuthentication(final ProceedingJoinPoint pProceedingJoinPoint) { LOG.debug("Verify authentication."); // find target object instance. final RESTfulController controller = (RESTfulController) pProceedingJoinPoint.getTarget(); // find http servlet request and response final Object[] arguments = pProceedingJoinPoint.getArgs(); final HttpServletRequest request = (HttpServletRequest) arguments[0]; final HttpServletResponse response = (HttpServletResponse) arguments[1]; final HttpSession session = request.getSession(); if (DEBUG) { LOG.debug("Request object - " + request); } // logged on user must contain subject object on session context. try { if (DEBUG) { LOG.debug("Request uri - " + request.getRequestURI()); } // Build restful action object from request context. final RESTfulAction action = URIParameterHelper.buildRESTfulAction(request); try { verifyAuthenticationAndAuthorization(action, session, request, response, controller); } catch (Throwable e) { if (DEBUG) { LOG.debug("Failed to process an action.", e); } if (e instanceof AuthorizationException) { controller.processErrorAction(action, RESTfulController.ErrorCode.UNAUTHORIZED_ACTION, request, response); } else if (e instanceof ActionExecutionException) { controller.processErrorAction(action, RESTfulController.ErrorCode.FAILURE_EXECUTION, request, response); } else if ((e instanceof AuthenticationException) || (e instanceof LoginException)) { controller.processErrorAction(action, RESTfulController.ErrorCode.LOGIN_FAILED, request, response); } else { controller.processErrorAction(action, RESTfulController.ErrorCode.INVALID_ACTION, request, response); } } } catch (Throwable t) { if (DEBUG) { LOG.debug("Exception stacktrace - ", t); } controller.processErrorAction(null, RESTfulController.ErrorCode.INVALID_ACTION, request, response); } }
From source file:com.invariantproperties.project.student.webservice.security.RestParameterChecker.java
License:Apache License
/** * Check that the UUID is well-formed in CRUD REST service calls. * //from w w w.j ava 2 s. co m * @param pjp * @param uuid * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource) && args(uuid,..) && (execution(* *.create*(..)) || execution(* *.delete*(..)) || execution(* *.update*(..)) || execution(* *.get*(..)))") public Object checkUuid(ProceedingJoinPoint pjp, String uuid) throws Throwable { final Object[] args = pjp.getArgs(); Object results = null; if (LOG.isDebugEnabled()) { LOG.debug(String.format("checking for bad UUID: %s(%s)...", pjp.getSignature().getName(), uuid)); } if (!StudentUtil.isPossibleUuid(uuid)) { results = Response.status(Status.BAD_REQUEST).build(); LOG.info(pjp.getSignature().getName() + ": attempt to use malformed UUID"); } else { results = pjp.proceed(args); } return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.CheckPostValues.java
License:Apache License
/** * Check post values on create method.//from w ww.ja va 2 s . c om * * @param pjp * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource) && args(rto,..)") public Object checkParametersCreate(ProceedingJoinPoint pjp, Validatable rto) throws Throwable { final Logger log = Logger.getLogger(pjp.getSignature().getDeclaringType()); final String name = pjp.getSignature().getName(); Object results = null; if (rto.validate()) { // this should be safe since parameters have been validated. if (log.isDebugEnabled()) { log.debug(String.format("%s(%s): entry", name, Arrays.toString(pjp.getArgs()))); } results = pjp.proceed(pjp.getArgs()); } else { // FIXME: this is unsafe if (log.isInfoEnabled()) { log.info(String.format("%s(%s): bad arguments", name, Arrays.toString(pjp.getArgs()))); } // TODO: tell caller what the problems were results = Response.status(Status.BAD_REQUEST).build(); } return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.CheckPostValues.java
License:Apache License
/** * Check post values on update method./*from w w w . jav a 2s . c om*/ * * @param pjp * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource) && args(uuid,rto,..)") public Object checkParametersUpdate(ProceedingJoinPoint pjp, String uuid, Validatable rto) throws Throwable { final Logger log = Logger.getLogger(pjp.getSignature().getDeclaringType()); final String name = pjp.getSignature().getName(); Object results = null; if (!StudentUtil.isPossibleUuid(uuid)) { // this is a possible attack. if (log.isInfoEnabled()) { log.info(String.format("%s(): uuid", name)); } results = Response.status(Status.BAD_REQUEST).build(); } else if (rto.validate()) { // this should be safe since parameters have been validated. if (log.isDebugEnabled()) { log.debug(String.format("%s(%s): entry", name, Arrays.toString(pjp.getArgs()))); } results = pjp.proceed(pjp.getArgs()); } else { // FIXME: this is unsafe if (log.isInfoEnabled()) { log.info(String.format("%s(%s): bad arguments", name, Arrays.toString(pjp.getArgs()))); } // TODO: tell caller what the problems were results = Response.status(Status.BAD_REQUEST).build(); } return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.CheckPostValues.java
License:Apache License
/** * Check post values on delete method. This is actually a no-op but it * allows us to log method entry.//from w w w . j ava2 s. c o m * * @param pjp * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource) && args(uuid,version) && execution(* *.delete*(..))") public Object checkParametersDelete(ProceedingJoinPoint pjp, String uuid, Integer version) throws Throwable { final Logger log = Logger.getLogger(pjp.getSignature().getDeclaringType()); final String name = pjp.getSignature().getName(); Object results = null; if (!StudentUtil.isPossibleUuid(uuid)) { // this is a possible attack. if (log.isInfoEnabled()) { log.info(String.format("%s(): uuid", name)); } results = Response.status(Status.BAD_REQUEST).build(); } else { // this should be safe since parameters have been validated. if (log.isDebugEnabled()) { log.debug(String.format("%s(%s): entry", name, Arrays.toString(pjp.getArgs()))); } results = pjp.proceed(pjp.getArgs()); } return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.CheckPostValues.java
License:Apache License
/** * Check post values on find methods. This is actually a no-op but it allows * us to log method entry.//from w w w .jav a2 s . c o m * * @param pjp * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource) && execution(* *.find*(..))") public Object checkParametersFind(ProceedingJoinPoint pjp) throws Throwable { final Logger log = Logger.getLogger(pjp.getSignature().getDeclaringType()); if (log.isDebugEnabled()) { log.debug(String.format("%s(%s): entry", pjp.getSignature().getName(), Arrays.toString(pjp.getArgs()))); } final Object results = pjp.proceed(pjp.getArgs()); return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.UnexpectedResourceExceptionHandler.java
License:Apache License
/** * Check for an unhandled exception from a REST resource. If we catch one * AND the method returns a Response we can return a Server Internal Error * (500) error code instead of blowing up. We need to check though since * some methods don't return a Response. * //from w w w. j av a 2 s . co m * @param pjp * @return * @throws Throwable */ @Around("target(com.invariantproperties.project.student.webservice.server.rest.AbstractResource)") public Object checkForUnhandledException(ProceedingJoinPoint pjp) throws Throwable { Object results = null; Logger log = Logger.getLogger(pjp.getSignature().getClass()); try { results = pjp.proceed(pjp.getArgs()); } catch (ObjectNotFoundException e) { // this is safe to log since we know that we've passed filtering. String args = Arrays.toString(pjp.getArgs()); results = Response.status(Status.NOT_FOUND).entity("object not found: " + args).build(); if (log.isDebugEnabled()) { log.debug("object not found: " + args); } } catch (Exception e) { // find the method we called. We can't cache this since the method // may be overloaded Method method = findMethod(pjp); if ((method != null) && Response.class.isAssignableFrom(method.getReturnType())) { // if the method returns a response we can return a 500 message. if (!(e instanceof UnitTestException)) { if (log.isInfoEnabled()) { log.info(String.format("%s(): unhandled exception: %s", pjp.getSignature().getName(), e.getMessage()), e); } } else if (log.isTraceEnabled()) { log.info("unit test exception: " + e.getMessage()); } results = Response.status(Status.INTERNAL_SERVER_ERROR).build(); } else { // DO NOT LOG THE EXCEPTION. That just clutters the log - let // the final handler log it. throw e; } } return results; }
From source file:com.invariantproperties.project.student.webservice.server.rest.UnexpectedResourceExceptionHandler.java
License:Apache License
/** * Find method called via reflection./*from ww w .jav a 2s . c o m*/ * * @param pjp * @return */ Method findMethod(ProceedingJoinPoint pjp) { Class<?>[] argtypes = new Class[pjp.getArgs().length]; for (int i = 0; i < argtypes.length; i++) { argtypes[i] = pjp.getArgs()[i].getClass(); } Method method = null; try { // @SuppressWarnings("unchecked") method = pjp.getSignature().getDeclaringType().getMethod(pjp.getSignature().getName(), argtypes); } catch (Exception e) { Logger.getLogger(UnexpectedResourceExceptionHandler.class) .info(String.format("could not find method for %s.%s", pjp.getSignature().getDeclaringType().getName(), pjp.getSignature().getName())); } return method; }
From source file:com.invariantproperties.sandbox.student.webservice.security.RestParameterChecker.java
License:Apache License
/** * Check that the UUID is well-formed in CRUD REST service calls. * //from w w w .j a va2 s . co m * @param pjp * @param uuid * @return * @throws Throwable */ @Around("target(com.invariantproperties.sandbox.student.webservice.server.rest.AbstractResource) && args(uuid,..) && (execution(* *.create*(..)) || execution(* *.delete*(..)) || execution(* *.update*(..)) || execution(* *.get*(..)))") public Object checkUuid(ProceedingJoinPoint pjp, String uuid) throws Throwable { final Object[] args = pjp.getArgs(); Object results = null; if (LOG.isDebugEnabled()) { LOG.debug(String.format("checking for bad UUID: %s(%s)...", pjp.getSignature().getName(), uuid)); } if (!StudentUtil.isPossibleUuid(uuid)) { results = Response.status(Status.BAD_REQUEST).build(); LOG.info(pjp.getSignature().getName() + ": attempt to use malformed UUID"); } else { results = pjp.proceed(args); } return results; }