[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [aspectj-users] Trapping dodgy method calls

On Dec 15, 2007, at 5:54 AM, Rob Austin wrote:

I am currently looking at the extent to which AspectJ can be used to enhance object security.

A good application, but I wouldn't just rely on AJ to solve it! ;)

If I write a pointcut that allows me to trap all calls to the public methods of my objects outside of the package it resides on, I can monitor these calls and make sure they are legal, or at least acceptable,and through reflection I can tell which objects are calling these methods.


But I understand that its possible (even though I wouldn't have a clue how to do it)  for one object to call a public method of another object loaded in the same JVM through introspecting the classloader. In other words there would be no matches on the pointcuts at compile time and the advices would not expect to be applied. So, what would happen at runtime if one object "illegally" called another's method? Is there any further runtime checking which would allow the advice to be matched?

It's true that using reflection would "bypass" the pointcut. This is true because the reflection calls will refer to the classes and methods by name (as a string), so the invocations will be "invisible" to AJ. However, if you want to prevent all reflection calls, you could write a pointcut that looks for anyone calling the reflection API and raise an exception. In fact, for this task and your original plan, you can write an aspect that will detect these calls at compile time!

aspect NoReflectionForYou {
pointcut allReflectionCalls(): call(* java.lang.reflect..*.*(..));

declare error: allReflectionCalls(): "No reflection for you!!";

You can also use declare error to prevent calls to objects in package A from the within objects in package B, for example.

If you don't want to prevent all reflection calls from your code, but only those to "sensitive" areas, you could write an aspect that advices specific reflection calls, e.g., calls to the Method class, and look at the method name to pick out the ones you want to prevent.

Hope this helps.

Apologies if this question is full of hypotheticals (I know that 2 java programs would normally be launched in seprate JVMs!).
aspectj-users mailing list

Dean Wampler, Ph.D.
dean at objectmentor.com
See also:
http://aquarium.rubyforge.org     AOP for Ruby
http://www.contract4j.org         Design by Contract for Java5