HK2-116

ValidationInformation.getInjectee() should also return the code which initiated the 'lookup'

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.2.0
    • Fix Version/s: 2.2.0
    • Component/s: None
    • Labels: None

      Description

      The following method currently returns the Injectee which made the injection of a HK2 instance, and returns null if it is a 'lookup' by using the ServiceLocator.
      ValidationInformation.getInjectee()

      We need a similar behavior between the injection and lookup when doing the security permission check in both injection and lookup: check the privilege of the injectee and the lookup code which initiated the service lookup. For injection, we know who is the injectee from the above API, but no idea who (which class) is doing the lookup because the above call returns null.

      Please supply a separate method like
      ValidationInformation.getlookuper(),

      or overload the method of ValidationInformation.getInjectee() to return either injectee or lookuper based on the case if it is injection or lookup.

      Some more info for ref below.

      When it is lookup, the Validator.validate() call does have a call stack where the lookuper is in the middle of the call stack (see an attached call stack example below, where the lookuper is com.oracle.cloudlogic.security.services.impl.identity.BaseIdMgrImpl), but the HK2 consumer does not know which one is really the lookuper.

      [2013-05-08T12:54:51.202-0700] [cloudlogic 4.0] [SEVERE] [] [] [tid: _ThreadID=16 _ThreadName=Thread-8] [timeMillis: 1368042891202] [levelValue: 1000] [[
      java.lang.RuntimeException: test
      at org.glassfish.security.services.common.CommonAccessValidator.validateLookup(CommonAccessValidator.java:101)
      at org.glassfish.security.services.common.CommonAccessValidator.validate(CommonAccessValidator.java:45)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.validate(ServiceLocatorImpl.java:207)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.narrow(ServiceLocatorImpl.java:1813)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.internalGetDescriptor(ServiceLocatorImpl.java:926)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.internalGetService(ServiceLocatorImpl.java:605)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:590)
      at com.oracle.cloudlogic.security.services.impl.identity.BaseIdMgrImpl.doPost(BaseIdMgrImpl.java:88)
      at com.oracle.cloudlogic.security.services.impl.identity.IdentityManagerImpl.postConstruct(IdentityManagerImpl.java:304)
      at org.jvnet.hk2.internal.ClazzCreator.postConstructMe(ClazzCreator.java:281)
      at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:328)
      at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:448)
      at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:118)
      at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2204)
      at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:93)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:558)
      at org.jvnet.hk2.internal.ThreeThirtyResolver.resolve(ThreeThirtyResolver.java:77)
      at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:191)
      at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:214)
      at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:311)
      at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:448)
      at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:118)
      at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2204)
      at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:93)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:558)
      at org.jvnet.hk2.internal.ThreeThirtyResolver.resolve(ThreeThirtyResolver.java:77)
      at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:191)
      at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:214)
      at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:311)
      at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:448)
      at org.jvnet.hk2.internal.SingletonContext.findOrCreate(SingletonContext.java:118)
      at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2204)
      at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:93)
      at org.jvnet.hk2.internal.ServiceLocatorImpl.getService(ServiceLocatorImpl.java:558)
      at org.jvnet.hk2.internal.ThreeThirtyResolver.resolve(ThreeThirtyResolver.java:77)
      at org.jvnet.hk2.internal.ClazzCreator.resolve(ClazzCreator.java:191)
      at org.jvnet.hk2.internal.ClazzCreator.resolveAllDependencies(ClazzCreator.java:214)
      at org.jvnet.hk2.internal.ClazzCreator.create(ClazzCreator.java:311)
      at org.jvnet.hk2.internal.SystemDescriptor.create(SystemDescriptor.java:448)
      at org.glassfish.hk2.runlevel.internal.AsyncRunLevelContext.findOrCreate(AsyncRunLevelContext.java:180)
      at org.jvnet.hk2.internal.Utilities.createService(Utilities.java:2204)
      at org.jvnet.hk2.internal.ServiceHandleImpl.getService(ServiceHandleImpl.java:93)
      at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.oneJob(CurrentTaskFuture.java:734)
      at org.glassfish.hk2.runlevel.internal.CurrentTaskFuture$QueueRunner.run(CurrentTaskFuture.java:719)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
      at java.lang.Thread.run(Thread.java:722)]]

        Activity

        jwells added a comment -

        Can you explain the difference between this and HK2-115 ?

        spei added a comment -

        HK2-115 asked to find the chain of the injectees;

        This one is about getting the object which initiated the lookup of a HK2 service.

        For an injection case, ValidationInformation.getInjectee() returns the injectee; but for a lookup case, this method returns null. The desired feature is to return the instance which initiated the lookup.

        jwells added a comment -

        I'm not even sure what such a method would return? The instance of the object calling me? I don't even know how to get that. The class that is calling me? Perhaps a StackTraceElement? Though it seems to me like your validator can get that information without me having to give it to you... (Like, why can't you just do a Thread.currentThread.getStackTrace and look up the stack for things like "getService". That would tell you "who" was calling...

        jwells added a comment -

        We will provide a new method on ValidationInformation that gives some information about the lookup caller. Using this method could be expensive (as it will make several system calls) but the fact that it is called by choice by the validation code implies that HK2 will not have this cost on every lookup call.

        jwells added a comment -

        A method called "getCaller" has been added to ValidationInformation. It returns the StackTraceElement of the caller.

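
        An added example, not part of the issue thread or the HK2 code base: a Validator that applies one access policy to both paths discussed above, taking the requester from getInjectee() on injection and from the new getCaller() on a direct lookup. The class name CallerAwareValidator and the package-prefix allow-list are hypothetical; it assumes hk2-api 2.2.0 or later on the classpath.

```java
import java.util.Set;
import org.glassfish.hk2.api.Injectee;
import org.glassfish.hk2.api.Operation;
import org.glassfish.hk2.api.ValidationInformation;
import org.glassfish.hk2.api.Validator;

/** Hypothetical validator: same policy for injection and for ServiceLocator lookup. */
public class CallerAwareValidator implements Validator {

    // Hypothetical policy: package prefixes allowed to obtain the protected services.
    private final Set<String> allowedPrefixes;

    public CallerAwareValidator(Set<String> allowedPrefixes) {
        this.allowedPrefixes = allowedPrefixes;
    }

    @Override
    public boolean validate(ValidationInformation info) {
        if (info.getOperation() != Operation.LOOKUP) {
            return true; // BIND/UNBIND are outside this example's policy
        }
        String requester = requesterClassName(info);
        // Fail closed when the requesting code cannot be identified.
        return requester != null && isAllowed(requester);
    }

    /** Class name of the code asking for the service, or null if unknown. */
    static String requesterClassName(ValidationInformation info) {
        Injectee injectee = info.getInjectee();
        if (injectee != null) {              // injection point: the cheap path
            Class<?> c = injectee.getInjecteeClass();
            return c == null ? null : c.getName();
        }
        // Direct lookup: getInjectee() is null, so ask for the caller.
        // Only reached when needed, since this call may be expensive.
        StackTraceElement caller = info.getCaller();
        return caller == null ? null : caller.getClassName();
    }

    private boolean isAllowed(String className) {
        for (String prefix : allowedPrefixes) {
            if (className.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }
}
```

        Registering the validator goes through a ValidationService, which this example leaves out. A StackTraceElement carries names only, not a Class or ProtectionDomain, so the policy is only as strong as control over which code can define classes under the allowed prefixes.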

          People

          • Assignee: jwells
          • Reporter: spei