Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [aspectj-users] Additional Information Passing




Simon,

As Wes suggests annotations are the answer! Enumeration join points is
generally frowned upon and the resulting aspect can be fragile. Also anyone
ready the code will know immediately whether a particular value will appear
in the trace rather that having to look elsewhere. First define an
annotation with RUNTIME retention:

import java.lang.annotation.*;

@Retention(RetentionPolicy.RUNTIME)
public @interface Exclude {
    String value() default "";
}

Then modify the tracing aspect to have 2  pieces of advice: one that is
used with methods that are annotated to determine the exclusion mask and
another to advise all other methods that do not require an special
treatment. All formatting logic is moved to a method:

import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.reflect.CodeSignature;

public aspect Tracing {

      protected pointcut scope () :
            within(Test) && !within(Tracing+);

      private pointcut tracedMethod () :
            execution(!@Exclude * *(..)) && scope();

      private pointcut tracedAnnotatedMethod (Exclude e) :
            execution(* *(..)) && scope() && @annotation(e);

      before () : tracedMethod() {
            println(thisJoinPoint,0);
      }

      before (Exclude e) : tracedAnnotatedMethod(e) {

            int excludeMask = Integer.parseInt(e.value());
            println(thisJoinPoint,excludeMask);
      }

      protected void println (JoinPoint jp, int excludeMask) {
           // get this pointer
           Object calleeThis = jp.getThis();

           // get signature
           CodeSignature methodSignature =
               (CodeSignature) jp.getSignature();
           String methodName = methodSignature.getName();

           // get parameter names & parameters
           Object[] paramNames = methodSignature.getParameterNames();
           Object[] paramObjects = jp.getArgs();
           Object[][] methodParams = new Object[paramNames.length][2];

           // copy and mask out parameters
           for (int i=0; i<paramNames.length; i++) {
               methodParams[i][0] = paramNames[i];
               if ((excludeMask & 1) == 0) {
                   methodParams[i][1] = paramObjects[i];
               }
               else {
                   methodParams[i][1] = "* masked *";
               }
               excludeMask = excludeMask >> 1;
           }

//         log.entering(calleeThis, methodName, methodParams);
             System.err.print("> this="  + calleeThis + ", methodName=" + methodName + ", methodParams=");
             for (int i = 0; i < methodParams.length; i++) {
                   System.err.print(methodParams[i][1] + " ");
             }
             System.err.println();
      }
}

Running the following annotated testcase:

public class Test {

      @Exclude("2")
      public void secret (int i, String userid) {

      }

      @Exclude("6")
      public void secret (int i, String userid, String password) {

      }

      public void notSecret (int i) {

      }

      public static void main(String[] args) {
            new Test().secret(999,"USERID");
            new Test().secret(999,"USERID","PASSWORD");
            new Test().notSecret(999);
      }

}

results in the desired output:

> this=null, methodName=main, methodParams=[Ljava.lang.String;@867e89
> this=Test@bf2d5e, methodName=secret, methodParams=999 * masked *
> this=Test@1632c2d, methodName=secret, methodParams=999 * masked * *
masked *
> this=Test@1e97676, methodName=notSecret, methodParams=999

Matthew Webster
AOSD Project
Java Technology Centre, MP146
IBM Hursley Park, Winchester,  SO21 2JN, England
Telephone: +44 196 2816139 (external) 246139 (internal)
Email: Matthew Webster/UK/IBM @ IBMGB, matthew_webster@xxxxxxxxxx
http://w3.hursley.ibm.com/~websterm/

"Wes Isberg" <wes@xxxxxxxxxxxxxx>@eclipse.org on 05/05/2005 09:49:37

Please respond to Wes Isberg <wes@xxxxxxxxxxxxxx>; Please respond to
       aspectj-users@xxxxxxxxxxx

Sent by:    aspectj-users-bounces@xxxxxxxxxxx


To:    aspectj-users@xxxxxxxxxxx
cc:
Subject:    Re: [aspectj-users] Additional Information Passing


> there are no common criteria which parameters to exclude.

It sounds to me like case-by-case pointcuts:

----------
before() : execution(void X+.working(A, B, C)) {
  log(thisJoinPoint, {parmSelector});
}

before() : call(void Y+.idling(B, C)) {
  log(thisJoinPoint, {parmSelector});
}
...
----------
Depending on whether your types or names are stable and significant,
you can build {parmSelector} logic around those; otherwise, this
approach might be hard to maintain under refactoring.

If information of a given type is always security-sensitive, you
could tag those types:

  declare parents : UserName implements ISecure;

Then exclude ISecure instances when logging, and perhaps flag any
field or call reference thereto:

  declare error : (set(ISecure+ *) || get(ISecure+ *)) && within(IAspect+)
    : "aspect writing or reading secure fields".

  declare error : call(* ISecure+(..)) && within(IAspect+)
    : "aspect calling secure methods".

Without common criteria, it's all encoding!

I suspect it would be useful in any case to document and
identify the security-sensitive parameters; perhaps
annotations would help.

Wes

> ------------Original Message------------
> From: Simon Heinzle <simon.heinzle@xxxxxxxxxx>
> To: aspectj-users@xxxxxxxxxxx
> Date: Wed, May-4-2005 4:50 AM
> Subject: Re: [aspectj-users] Additional Information Passing
>
> Mathew,
>
> there are no common criteria which parameters to exclude. For example
> parameters that should not be logged are username/password, account
> information, keys, ...
>
> Passing additional information would solve the problem by passing a
> exclusion bit mask: (bit i) == 1 --> do not trace parameter i, ...
>
> For example:
>
> ********************************************************************
>
> // pointcut, passing information via exclusionMask
> pointcut TracePC(int exclusionMask) :
>      (execution (* *..SomeClass.someMethod(..)) && exclusionMask(5))
>      (execution (* *..OtherClass.method(..))    && exclusionMask(0))
>      || ...
>
> // corresponding advice
> before(int exclusionMask) : TracePC(exclusionMask) {
>      // get this pointer
>      Object calleeThis = thisJoinPoint.getThis();
>
>      // get signature
>      CodeSignature methodSignature =
>          (CodeSignature) thisJoinPoint.getSignature();
>      String methodName = methodSignature.getName();
>
>      // get parameter names & parameters
>      Object[] paramNames = methodSignature.getParameterNames();
>      Object[] paramObjects = thisJoinPoint.getArgs();
>      Object[][] methodParams = new Object[paramNames.length][2];
>
>      // copy and mask out parameters
>      for (int i=0; i<paramNames.length; i++) {
>          methodParams[i][0] = paramNames[i];
>          if ((excludeMask & 1) == 0) {
>              methodParams[i][1] = paramObjects[i];
>          }
>          else {
>              methodParams[i][1] = "* masked *";
>          }
>          excludeMask = excludeMask >> 1;
>      }
>
>      log.entering(calleeThis, methodName, methodParams);
> }
>
> ********************************************************************
>
> Regards,
> Simon
>
>
>
> Matthew Webster wrote:
> >
> >
> >
> > Simon,
> >
> > What are your criteria for excluding a piece of information from the
> trace?
> > How do you wish to exclude it (not trace the method at all or just
> the
> > object)? How does passing additional information (what do you have in
> mind)
> > help with this problem?
> >
> > Matthew Webster
> > AOSD Project
> > Java Technology Centre, MP146
> > IBM Hursley Park, Winchester,  SO21 2JN, England
> > Telephone: +44 196 2816139 (external) 246139 (internal)
> > Email: Matthew Webster/UK/IBM @ IBMGB, matthew_webster@xxxxxxxxxx
> > http://w3.hursley.ibm.com/~websterm/
> >
> > Simon Heinzle <simon.heinzle@xxxxxxxxxx>@eclipse.org on 03/05/2005
> 16:31:20
> >
> > Please respond to aspectj-users@xxxxxxxxxxx
> >
> > Sent by:    aspectj-users-bounces@xxxxxxxxxxx
> >
> >
> > To:    AspectJ <aspectj-users@xxxxxxxxxxx>
> > cc:
> > Subject:    [aspectj-users] Additional Information Passing
> >
> >
> > Hi all,
> >
> > Is there really no way to pass additional information to a pointcut
> > other than Joinpoints, Parameter Arguments, ... ?
> >
> > We're currently working on a Logging-Aspect, but we must be able to
> mask
> > out security sensitive parameters. One pointcut + advice for each
> > "masking configuration" (Parameter 1 logged, Param 2 not, ..) is a
> > solution, but not a very readable and extensible one (and of course,
> 6
> > parameter-methods could possibly infer 64 such pointcuts).
> >
> > Any suggestions how to solve this problem?
> >
> > Regards,
> > Simon
> > _______________________________________________
> > aspectj-users mailing list
> > aspectj-users@xxxxxxxxxxx
> > https://dev.eclipse.org/mailman/listinfo/aspectj-users
> >
> >
> > _______________________________________________
> > aspectj-users mailing list
> > aspectj-users@xxxxxxxxxxx
> > https://dev.eclipse.org/mailman/listinfo/aspectj-users
>
>
> --
>   AdNovum Informatik AG
>   Simon Heinzle
>   Praktikant
>
>   Roentgenstrasse 22, CH-8005 Zuerich
>   mailto:simon.heinzle@xxxxxxxxxx
>   phone: +41 44 272 6111, fax: +41 44 272 6312
>   http://www.adnovum.ch
>
>   AdNovum Offices: Bern, Budapest, San Mateo, Zuerich (HQ)
> _______________________________________________
> aspectj-users mailing list
> aspectj-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/aspectj-users
>

_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/aspectj-users




Back to the top