Define Restful web services using Spring

In one of my project, I had the difficult decision to switch to another technology: I replaced JSF with Angular-JS.
Our goal was to speed up the development by removing the painful part implied with JSF, as a lot of server requests to manage, some view state issues, the refresh management, the need to implement the view on the Java part with its managed beans, etc…

But the big impact on the architectural point of view was that we have to move the GUI (and its logic) on the client side and give access to the data. Fortunately, this part was ease by the layered structure of the application, I just need to replace the old JSF part with a REST interface which is accessed by the Angular-JS components using Ajax requests.
As the project used already Spring, I decided to use it also to set up the restful part, I describe hereafter what I did.

First of all, we need to add the corresponding dependencies in our POM:

<properties>
    <spring.framework.version>4.0.5.RELEASE</spring.framework.version>
</properties>

<dependencies>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>${spring.framework.version}</version>
    </dependency>
            <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webmvc</artifactId>
        <version>${spring.framework.version}</version>
    </dependency>
    <dependency>
        <groupId>com.fasterxml.jackson.core</groupId>
        <artifactId>jackson-databind</artifactId>
        <version>2.3.4</version>
    </dependency>
    <dependency>
        <groupId>org.codehaus.jackson</groupId>
        <artifactId>jackson-mapper-asl</artifactId>
        <version>1.9.12</version>
    </dependency>
</dependencies>

We need also to activate the configuration using annotation, for that we have to add in our Spring configuration file:

    <context:component-scan base-package="net.classnotfound.ws"/>
    <mvc:annotation-driven />

Even if I do not like to use the annotations to configure the application, I decided to make an exception for the web services, as they are not intended to have some intelligence and are just a bridge to the business layer, I consider it as acceptable.

A web service is declared using the @RestController Spring annotation:

package net.classnotfound.ws.controller;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class MyController {
	//Web service implementation here
    
}

When we define an endpoint for the web service, we need to indicates which HTTP method we use, the type of data we expect (JSON is the usual case), etc…
This can be done easily by using the Spring annotation:

    @RequestMapping(value = "/service/print", method = RequestMethod.POST, consumes = {"application/json" })
    @ResponseStatus(HttpStatus.NO_CONTENT)
    public void print(@RequestBody final Data data) {
        System.out.println(data);
    }

Here, we defined a method print, which is reachable using “/service/print” URL, using a POST request with data in JSON format.
The @ResponseStatus is used to define the HTTP return code to be used.

Another option is to use a GET method, but doing this, the parameters are now directly provided with the requested URL:

    @Autowired
    private DataService dataService;

    @Transactional
    @Globals
    @RequestMapping(value = "/service/data/{id}", method = RequestMethod.GET)
    @ResponseBody
    public Data find(@PathVariable("id") final String id) {
        Data data = dataService.find(id);
        if (data==null) {
            throw new ObjectNotFoundException(id);
        }
        return data;
    }

We can see the parameter defined in the URL using a EL syntax and this parameter is also mentioned in the signature of the method using @PathVariable annotation.

Too easy, isn’t it? πŸ˜€

Define configuration file outside of the classpath

Here I describe the way I use to configure my applications. The main idea is to define a property file outside of the application, doing this, it is possible to deploy the same application in several environments (dev/test/prod) without any changes.

First of all, the property file:

net.classnotfound.app.jdbc.server=db-server
net.classnotfound.app.jdbc.port=1521
net.classnotfound.app.jdbc.sid=xe
net.classnotfound.app.jdbc.user=scott
net.classnotfound.app.jdbc.password=koala

The tips is to define a parameter in the Tomcat context file which points to the file location:

<Parameter name="directoryConfig" override="false" value="FILE_PATH"/>

And now, to get the value in the application, I use Spring this way:

<bean id="placeholderConfig"
	class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
	<property name="location"
		value="file:#{contextParameters.directoryConfig}/app-config.properties" />
</bean>

This is an example of its usage to set up an Oracle datasource:

<orcl:pooling-datasource id="dataSource"
	url="jdbc:oracle:thin:@${net.classnotfound.app.jdbc.server}:${net.classnotfound.app.jdbc.port}:${net.classnotfound.app.jdbc.sid}"
	username="${net.classnotfound.app.jdbc.user}" password="${net.classnotfound.app.jdbc.password}">
</orcl:pooling-datasource>

Now, we can just change the path of the configuration file, depending on each environment, to automatically have the related parameters.

Spring MyBatis configuration

Here I describe the project configuration to use MyBatis as ORM and benefit of the transactions management provided by Spring.
For that, we have to add the MyBatis-Spring library to the basic MyBatis.

First, the Maven POM is like:

<dependency>
    <groupId>org.mybatis</groupId>
    <artifactId>mybatis</artifactId>
    <version>3.2.3</version>
</dependency>
<dependency>
    <groupId>org.mybatis</groupId>
    <artifactId>mybatis-spring</artifactId>
    <version>1.2.1</version>
</dependency>

And now, the Spring configuration file where we define the SqlSessionFactoryBean:

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
                        http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd">
    
    <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
        <property name="dataSource" ref="dataSource" />
        <property name="mapperLocations" value="classpath:xml/*Mapper.xml" />
    </bean>
</beans>

The SqlSessionFactoryBean needs a datasource, and also the location of the MyBatis xml mappers.

Now, the configuration is done and the mappers will be managed by Spring using with this:

<!-- this is the parent of our Mappers. It defines the sqlSessionFactory which is common to all our mapper beans -->
<bean id="mapper" abstract="true">
	<property name="sqlSessionFactory" ref="sqlSessionFactory" />
</bean>
<!-- Place MyBatis Mappers here -->
<bean id="entityMapper" class="org.mybatis.spring.mapper.MapperFactoryBean" parent="mapper">
	<property name="mapperInterface"
		value="net.classnotfound.data.mapper.EntityMapper" />
</bean>

We can see that the mappers are instantiated by the org.mybatis.spring.mapper.MapperFactoryBean which needs a reference to the SqlSessionFactory object we defined earlier.
To avoid some oversights (and reduce the mount of lines I have to write πŸ™‚ ), I use the “abstract” Spring feature to put the session factory in the abstract mapper, then I can reference it as a parent in all my MapperFactories.

Now the entityMapper we defined is “injectable” in our Spring managed beans and we can use our preferred way of transaction management.

ThreadLocal usage

The ThreadLocal is very helpful to keep some information available from anywhere in the application but it is very important to release it when the process ends, otherwise, the resource will never be free and can cause a memory leak.

Here is an example of using TheadLocal to store data in a web application. I define a filter to setup the content of the ThreadLocal and I use it later in a servlet.

First of all, I create a class to store the ThreadLocal:

package net.classnotfound.threadlocal.handler;

public class ThreadLocalHandler {
    private static ThreadLocal myThreadLocal = new ThreadLocal<>();
    
    public static void setData(final String value) {
        myThreadLocal.set(value);
    }
    
    public static String getValue() {
        return myThreadLocal.get();
    }

    public static void remove() {
        myThreadLocal.remove();
    }
}

Now, the filter which is responsible of initialization of the ThreadLocal content:

package net.classnotfound.threadlocal.filter;

import java.io.IOException;
[...]

@WebFilter(urlPatterns = "*")
public class ThreadLocalFilter implements Filter {

    @Override
    public void init(final FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
        long time = new Date().getTime();
        ThreadLocalHandler.setData("this is the value: "+time);
        chain.doFilter(request, response);
        ThreadLocalHandler.remove();

    }

    @Override
    public void destroy() {
        ThreadLocalHandler.remove();
    }
} 

Note that the Threadlocal is initialized before calling the next filter (via the filterChain) and released after.

Now, when I want to use the value, I just need to do:

String value = ThreadLocalHandler.getValue();

My Eclipse shortcuts

Here is a list of my favorite shortcuts I use with Eclipse:
[Ctrl]+[D]: Delete row
[Ctrl]+[F]: Search in file
[Ctrl]+[H]: Search->search…
[Ctrl]+[O]: Navigation->Quick outline
[Ctrl]+[Q]: Last edit location
[Ctrl]+[S]: save the current tab
[Ctrl]+[T]: Navigation->Quick type hierarchy

[Alt]+[left/right]: Back/next to tab
[Alt]+[up/down]: Move row

[Ctrl]+[Shift]+[C]: Comment selection/uncomment commented selection
[Ctrl]+[Shift]+[G]: Search->references->workspace
[Ctrl]+[Shift]+[R]: Navigation->Open resource
[Ctrl]+[Shift]+[S]: save all tabs
[Ctrl]+[Shift]+[T]: Navigation->Open type
[Ctrl]+[Shift]+[Y]: Lowercase selection
[Ctrl]+[Shift]+[X]: Uppercase selection

[Alt]+[Shift]+[L]: Refactor->extract local variable…
[Alt]+[Shift]+[M]: Refactor->extract method…
[Alt]+[Shift]+[R]: Rename an element (variable/class/package, etc…)
[Alt]+[Shift]+[S]: Source
[Alt]+[Shift]+[T]: Refactor
[Alt]+[Shift]+[Z]: Source->surround with

[F5]: Step into (debug)
[F6]: Step over (debug)
[F7]: Step return (debug)
[F8]: Resume (debug)

I omitted the common undo, copy/paste and so on πŸ˜‰

Display Maven release number in JSF page

In the web projects, it is often useful to see quickly the version of the deployed application. A simple solution is to get it from Maven and display it in our page, in footer or a “about” page.
The main idea is to use a property file as a JSF resource as we can use, for example, when we have a i18n requirement.
For that, I put a property file version.properties with content in the resource directory:

version=${version}
revision=${buildNumber}

The version is the version defined in our project pom and it is automatically provided by Maven.
The revision is the revision number of the last build provided by SVN, to get it, I will need another Maven plugins.

Now, I need to tell to JSF to use this file as resource file, I do it in my faces-config.xml:

<application>
	<el-resolver>org.springframework.web.jsf.el.SpringBeanFacesELResolver</el-resolver>
	<resource-bundle>
	   <base-name>version</base-name>
	   <var>vers</var>
	</resource-bundle>
</application>

And to display it in our JSF pages, I add:

<body>
   [...]
	<div>classNotFound.net ©2014 -
		v#{vers.version} - #{vers.revision}</div>
</body>

If I try to access to this page, I will not see the version/revision, to do that, I have to ask Maven to filter the properties files and replace the variables.
In my pom.xml, I add:

<build>
	<resources>
		<resource>
			<directory>src/main/resources</directory>
			<filtering>true</filtering>
			<includes>
				<include>**/*</include>
			</includes>
		</resource>
	</resources>
</build>

To have the build number, I have to use 3 Maven plugins:

<pluginManagement>
        <plugins>
            <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>buildnumber-maven-plugin</artifactId>
            <executions>
                <execution>
                    <phase>validate</phase>
                    <goals>
                        <goal>create</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <doCheck>false</doCheck>
                <doUpdate>false</doUpdate>
                <providerImplementations>
                    <svn>javasvn</svn>
                </providerImplementations>
            </configuration>
            <dependencies>
                <dependency>
                    <groupId>com.google.code.maven-scm-provider-svnjava</groupId>
                    <artifactId>maven-scm-provider-svnjava</artifactId>
                    <version>2.0.2</version>
                </dependency>
                <dependency>
                    <groupId>org.tmatesoft.svnkit</groupId>
                    <artifactId>svnkit</artifactId>
                    <version>1.7.5-v1</version>
                </dependency>
            </dependencies>
        </plugin>
        </plugins>
    </pluginManagement>
  </build>
  
    <scm>
        <connection>scm:svn:https://forge.classnotfound.net/svn/version/trunk/project/project-web</connection>
        <developerConnection>scm:svn:https://forge.classnotfound.net/svn/project/trunk/project/project-web</developerConnection>
        <url>https://forge.classnotfound.net/svn/project/trunk/project/project-web</url>
    </scm>

Now, it works.

Enable transactions on Informix DB

We need to have the following variables set:

INFORMIXDIR=/opt/IBM/informix
INFORMIXSQLHOSTS=/opt/IBM/Informix/etc/sqlhosts.ol_informix1170
INFORMIXSERVER=ol_informix1170
  1. Now, we can enable the transactions, in first we need to put the database in β€œquiescent mode” (???):

    >/opt/IBM/informix/bin/onmode –uy
    

    Note: doing this disable access to the database.

  2. enable transactions:

    >/opt/IBM/informix/bin/ontape –s –L 0 –B d9exp
    
  3. Re-enable the connections:

    >/opt/IBM/informix/bin/onmode -m
    
  4. Helpful information: Jdbc configuration

    jdbc:oracle:thin:@server:port:db
    

    More information here

Spring Security with JSF 2 and custom login form

Here, I am integrating Spring Security with JSF 2 using a custom login form.

First, the maven dependencies for Spring-Security (I consider that the JSF project is already set-up, if it is not the case, you can check here):

<properties>
    ...
    <spring.security.version>3.2.4.RELEASE</spring.security.version>
</properties>
...
<!-- Spring-Security dependencies -->
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-core</artifactId>
    <version>${spring.security.version}</version>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-config</artifactId>
    <version>${spring.security.version}</version>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-web</artifactId>
    <version>${spring.security.version}</version>
</dependency>

In the web.xml, we have to configure the Spring-Security filter as follow:

<!-- Enable Spring Filter: Spring Security works on the concept of Filters -->
<!-- Declare the Spring filter -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>
        org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter>
<!-- Defines urls pattern on which the filter is applied -->
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>

Note: if you don’t add the forward to it, the managed bean will not be able to send the request to the filter (I experienced that!!).

We need a simple index.xhtml which will be protected by Spring (I don’t describe it here) and a custom login page which receive the credentials typed by the user.
This page contains only the user name, the password and another field method which is here to show how we can get it on the server:

<h:form id="loginFormId" prependId="false">
    <div class="full-box" style="text-align: center">
        <div class="child-box box-c3">
            <h3>Login</h3>
            <div class="fluid-row">
                <div class="fluid-column fluid-c12">
                    <div class="forLabel" style="width: 30%">
                        <h:outputLabel for="username" value="User" />
                    </div>
                    <div class="forField" style="width: 65%">
                        <h:inputText id="username" required="true"
                            requiredMessage="Please enter username (or go to hell...)" />
                        <h:messages for="username" />
                    </div>
                </div>
                <div class="fluid-column fluid-c12">
                    <div class="forLabel" style="width: 30%">
                        <h:outputLabel for="password" value="Password" />
                    </div>
                    <div class="forField" style="width: 65%">
                        <h:inputSecret id="password" required="true"
                            requiredMessage="Please enter password (otherwise you'll die!!)"
                            name="password" />
                        <h:messages for="password" />
                    </div>
                </div>
                <div class="fluid-column fluid-c12">
                    <div class="forLabel" style="width: 30%">
                        <h:outputText value="Authentication" />
                    </div>
                    <div class="forField" style="width: 65%">
                        <h:selectBooleanCheckbox id="method" name="method" />
                        <h:outputLabel for="method" value="LDAP" />
                    </div>
                </div>
            </div>
            <ui:fragment rendered="${!empty param['error']}">
                <div>Connection failed: user and/or password are wrong.</div>
            </ui:fragment>
            <div id="loginBtnPanelId">
                <h:commandButton id="btnLoginId" value="Login" type="submit"
                    action="${loginManager.doLogin()}" styleClass="loginPanelBtn" />
            </div>
        </div>
    </div>
</h:form>

The form is very simple, we can see the 3 fields and a portion which is conditionally rendered if error param is available.
The content of this form is sent to a managed bean which is responsible of forwarding data to the Spring-Security filter:

import java.io.IOException;

import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

@ManagedBean
@RequestScoped
public class LoginManager {

    public String doLogin() throws IOException, ServletException {
        ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
        RequestDispatcher dispatcher = ((ServletRequest) context.getRequest()).getRequestDispatcher("/j_spring_security_check");
        dispatcher.forward((ServletRequest) context.getRequest(), (ServletResponse) context.getResponse());
        FacesContext.getCurrentInstance().responseComplete();
        return null;
    }

}

Now, we need to have a look to the Spring configuration file, the security is configured as follow:

<security:http use-expressions="true">
    <!-- refers to http://docs.spring.io/spring-security/site/docs/3.0.x/reference/el-access.html -->
    <security:intercept-url pattern="/faces/login.xhtml"
        access="anonymous" />
    <security:intercept-url pattern="/css/**"
        access="anonymous" />
    <security:intercept-url pattern="/**"
        access="authenticated" />
    <security:form-login login-page="/faces/login.xhtml"
        authentication-failure-url="/faces/login.xhtml?error=1"
        default-target-url="/faces/index.xhtml"
        authentication-details-source-ref="myAuthenticationDetailsSource"
        username-parameter="username" password-parameter="password" />
</security:http>

We can see that we have to enable anonymous access to the login form (otherwise, you will see some strange messages in your browser, I let you guess why). To have a beautiful login page, we also allow anonymous access to the CSS, the rest of the site has a restricted access controlled by Spring.
As we use a custom login form, the form-login element must indicate which one we want to use with the login-page attribute.
To be able to store the custom field (the method if you forgot it), we have to implement a custom class, it is the one we see in the authentication-details-source-ref attribute.

This is how it is defined in the Spring configuration file:

<bean id="myAuthenticationDetailsSource"
    class="net.classnotfound.jsf.spring.security.security.MyAuthenticationDetailsSource">
</bean>

And the class which implements the org.springframework.security.authentication.AuthenticationDetailsSource interface:

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

/**
 * This class provides a custom AuthenticationDetail which stores the connection
 * type method (Oracle/Ldap)
 *
 */
public class MyAuthenticationDetailsSource implements AuthenticationDetailsSource {

    /**
     * returns the {@link WebAuthenticationDetails} according to LuxFact rule
     * 
     * @param context
     */
    @Override
    public WebAuthenticationDetails buildDetails(final HttpServletRequest context) {
        return new MyAuthenticationDetails(context);
    }

}

This class provides an implementation of a org.springframework.security.web.authentication.WebAuthenticationDetails which will store our extra parameter, its implementation is very simple:

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.web.authentication.WebAuthenticationDetails;

/**
 * this class stores data used for authentication (mainly the authentication
 * method)
 * 
 */
public class MyAuthenticationDetails extends WebAuthenticationDetails {

    /**
     * 
     */
    private static final long serialVersionUID = 1L;
    private final String method;

    public MyAuthenticationDetails(final HttpServletRequest request) {
        super(request);
        method = request.getParameter("method");
    }

    public String getMethod() {
        return method;
    }

}

As we can see, this class does nothing else than getting the custom parameter from the request and storing it.

Now, to use this extra parameter, we need to customize the way a user is authenticated. As this task is, by default, done by Spring, it means that we have to write a new class which implements the org.springframework.security.authentication.AuthenticationProvider interface. We can see its declaration in the Spring configuration file here:

<bean id="myAuthenticationProvider"
    class="net.classnotfound.jsf.spring.security.security.MyAuthenticationProvider">
</bean>

<security:authentication-manager>
    <!-- create a custom AuthenticationProvider class to tune the login 
        process -->
    <security:authentication-provider
        ref="myAuthenticationProvider" />
</security:authentication-manager>

And its implementation:

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

public class MyAuthenticationProvider implements AuthenticationProvider {

    @Override
    public Authentication authenticate(final Authentication authentication) throws AuthenticationException {

        Authentication res = isValid(authentication);
        if (!res.isAuthenticated()) {
            throw new BadCredentialsException("Bad credentials");
        }
        return res;
    }

    private Authentication isValid(final Authentication authentication) {
        Authentication res = authentication;
        System.out.println("Selected method: "+((MyAuthenticationDetails)authentication.getDetails()).getMethod());
        if ("Admin".equals(authentication.getPrincipal())&&"Password".equals(authentication.getCredentials())) {
            res = createSuccessAuthentication(authentication);
        }
        return res;
    }

    @Override
    public boolean supports(final Class authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }

    protected Authentication createSuccessAuthentication(final Authentication authentication) {
        // Ensure we return the original credentials the user supplied,
        // so subsequent attempts are successful even with encoded passwords.
        // Also ensure we return the original getDetails(), so that future
        // authentication events after cache expiry contain the details
        final UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), authentication.getAuthorities());
        result.setDetails(authentication.getDetails());

        return result;
    }

}

As we can see, the extra parameter is extracted from the org.springframework.security.core.Authentication.getDetails() method.

The whole Spring configuration file looks like:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:security="http://www.springframework.org/schema/security"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">


    <!-- Enable security annotations usage -->

    <bean id="myAuthenticationDetailsSource"
        class="net.classnotfound.jsf.spring.security.security.MyAuthenticationDetailsSource">
    </bean>

    <bean id="myAuthenticationProvider"
        class="net.classnotfound.jsf.spring.security.security.MyAuthenticationProvider">
    </bean>


    <security:authentication-manager>
        <!-- create a custom AuthenticationProvider class to tune the login 
            process -->
        <security:authentication-provider
            ref="myAuthenticationProvider" />
    </security:authentication-manager>

    <security:http use-expressions="true">
        <!-- refers to http://docs.spring.io/spring-security/site/docs/3.0.x/reference/el-access.html -->
        <security:intercept-url pattern="/faces/login.xhtml"
            access="anonymous" />
        <security:intercept-url pattern="/css/**"
            access="anonymous" />
        <security:intercept-url pattern="/**"
            access="authenticated" />
        <security:form-login login-page="/faces/login.xhtml"
            authentication-failure-url="/faces/login.xhtml?error=1"
            default-target-url="/faces/index.xhtml"
            authentication-details-source-ref="myAuthenticationDetailsSource"
            username-parameter="username" password-parameter="password" />
    </security:http>

</beans>

Source files are available here.

Adding AOP using Spring

I need to add some behavior to my service beans each time I start a transaction. In fact, I am converting a 2-tiers application in a web application, and previously, the users are authenticated using a real Oracle account. This way, they were able to use some user variables, using a proxy user (I will describe it in another post), now, I need to initialize these variables each time the user requests something.
As I want something transparent to the developer, I decided to add a new behavior to my service. The idea is to add a new annotation, next to the usual @Transactional to manage the variables.
Let’s go for AOP journey πŸ™‚

First, we need to set-up the Maven dependencies, we need the standard Spring libraries and also AspectJ:

<properties>
	<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
	<spring.framework.version>4.0.5.RELEASE</spring.framework.version>
	<spring.security.version>3.2.4.RELEASE</spring.security.version>
</properties>

<dependencies>
	<dependency>
		<groupId>junit</groupId>
		<artifactId>junit</artifactId>
		<version>4.8.1</version>
		<scope>test</scope>
	</dependency>
	<dependency>
		<groupId>org.springframework</groupId>
		<artifactId>spring-core</artifactId>
		<version>${spring.framework.version}</version>
	</dependency>
	<dependency>
		<groupId>org.springframework</groupId>
		<artifactId>spring-context</artifactId>
		<version>${spring.framework.version}</version>
	</dependency>
	<dependency>
		<groupId>org.aspectj</groupId>
		<artifactId>aspectjtools</artifactId>
		<version>1.8.1</version>
	</dependency>
	
	<dependency>
		<groupId>org.springframework</groupId>
		<artifactId>spring-test</artifactId>
		<version>${spring.framework.version}</version>
		<scope>test</scope>
	</dependency>
</dependencies>

With AOP, I discovered some vocabulary, the most important for me are:

  • The advice: it represents the actions we want to be executed;
  • the pointcut: it’s when the advice must be executed, some of them are before, after, or around (I will use this one);
  • The aspect: it is the union of the 2 previous concepts.

Now, I have to define the class which must be called to execute whatever I want, meaning the advice:

package net.classnotfound.aop.advice;

import org.aspectj.lang.ProceedingJoinPoint;

public class AroundAdvice {

    public Object doBasicProfiling(final ProceedingJoinPoint pjp) throws Throwable {
        // start stopwatch
        System.out.println("Start advice...");
        Object retVal = pjp.proceed();
        // stop stopwatch
        System.out.println("Finished advice!");
        return retVal;
    }
}

This class needs to define a method with org.aspectj.lang.ProceedingJoinPoint in its method signature. This is mandatory to be able to execute my annotated method.

The annotation is only used as a marker:

package net.classnotfound.aop.annotation;

public @interface Advisable {
    //Nothing to do!
}

The service defines a method which is annotated with my tag:

package net.classnotfound.aop.service;

import net.classnotfound.aop.annotation.Advisable;


public class MyServiceImpl implements MyService {

    @Advisable
    public void doSomething() {
        System.out.println("Does something very important!");
    }

    public void doSomethingElse() {
        System.out.println("Does something else more important!");

    }
}

And the trick is done using the Spring configuration file (I prefer using it instead of the annotation config), in which we put all together and tell Spring when the advice must be called:


<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">

    <bean id="myService" class="net.classnotfound.aop.service.MyServiceImpl" />

    <bean id="aroundAspect" class="net.classnotfound.aop.advice.AroundAdvice" />
    <aop:config>
        <aop:aspect ref="aroundAspect">
            <aop:pointcut id="aroundPointCut"
                expression="execution(* net.classnotfound.aop.service.*.*(..)) && @annotation(net.classnotfound.aop.annotation.Advisable)" />
            <aop:around pointcut-ref="aroundPointCut" method="doBasicProfiling" />
        </aop:aspect>
    </aop:config>
</beans>

We can see the pointcut and the aspect definitions.

And now, each time a method which is in defined in a class from the net.classnotfound.aop.service package and annotated with my Advisable tag, the advice is called before (and after) calling the real method.

Note: to order the execution of different advices, we have to use the order attribute on the aspect element.

Now, I will have to add the real implementation of my business, but it is not in the scope of this blog πŸ˜€

Source files are available here.

Tips: Some time, we need to define an execution order, in my case, it is important that my advice is triggered after the transaction started, to do that, nothing more complicated than adding an order attribute:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">
    
    <tx:annotation-driven order="50"/>
[...]
    <aop:config>
        <aop:aspect ref="aroundAspect" order="100">
[...]
        </aop:aspect>
    </aop:config>
</beans>

By adding this attribute, we tell the AOP engine to process the transactional annotation before mine.

Persist list with MyBatis

As MyBatis is a basic ORM, when we need to persista list of objects, we have to implement it manually, but without any copy/paste between classes. For this purpose, I designed a generic merger which is responsible of that task.
It has to go through a list of objects and determine:

  1. what is new and needs to be created
  2. what is not there meaning it has been deleted
  3. what was already here and needs to be updated

To identify in which case we are, we need to provide it a java.util.Comparator and also a Dao to be able to interact with the database.

This is done in one main class (which uses also what I described in a previous post)

package net.classnotfound.data.dao.utils;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;

import net.classnotfound.capability.Identifiable;
import net.classnotfound.data.dao.Dao;

/**
 * This class is used to merge a list with another list. It is helpful when we need to marge a list of elements
 * which come from the GUI with the list in the database
 * @author roussehe
 *
 * @param <T> the type of element we have to manage
 */
public class MergerList<T extends Identifiable> {
    
    private Dao<T> dao;
    
    private Finder<T> finder;
    
    /**
     * 
     * @param dao the dao used to merge the new or existing entries and to delete the removed ones 
     * @param comparator the comparator used to know if an element already exists in the DB
     */
    public MergerList(Dao<T> dao, Comparator<T> comparator) {
        super();
        this.dao = dao;
        this.finder = new Finder<>(comparator);
    }

    /**
     * merge the 2 lists, making comparison between existing/new/removed entries and persist the data in the database
     * @param oldEntryList the list coming from the db (usually)
     * @param newEntryList the new list we need to persist
     */
    public void mergeList(List<T> oldEntryList, List<T> newEntryList) {
        List<T> mergedEntries = new ArrayList<>();
        List<T> deletedEntries = new ArrayList<>();
        //we have to go through the 2 lists and check it one by one
        if(oldEntryList!=null&& !oldEntryList.isEmpty()) {
            //here, we check the entries which are present or not in the old list
            for (T entry : oldEntryList) {
                T found = finder.findMember(entry, newEntryList);
                if (found!=null) {//if found, we have to update it
                    mergedEntries.add(found);
                } else {//not found means it must be deleted from db
                    deletedEntries.add(entry);
                }
            }
        }
        if(newEntryList!=null&& !newEntryList.isEmpty()) {
            //here we check the entries which are only present in the new list
            for (T entry : newEntryList) {
                T found = finder.findMember(entry, oldEntryList);
                if(found == null) {//if not found in db, it's a new entry
                    mergedEntries.add(entry);
                }//if found, it is already managed in the previous loop
            }
        }
        //process records
        deleteEntries(deletedEntries);
        mergeEntries(mergedEntries);
    }

    
    /** As my Dao can manage create and update, it is done in one time.
     * @param mergeEntries
     */
    private void mergeEntries(List<T> mergeEntries) {
        for (T t: mergeEntries) {
            dao.merge(t);
        }
        
    }

    private void deleteEntries(Collection<T> deletedItems) {
        for (T t: deletedItems) {
            dao.delete(t);
        }
    }
    
    /**
     * This class is a helper class to find an object in a list of items
     *
     * @param <R>
     */
    private class Finder<R>{
        private Comparator<R> comp;
        
        Finder(Comparator<R> comp) {
            super();
            this.comp = comp;
        }

        /**
         * This method is responsible of getting object from the provided list.
         * @param entry
         * @param list
         * @return the object if found, or null otherwise
         */
        R findMember(R entry, List<R> list) {
            R found = null;
            if(list!=null&&!list.isEmpty()) {
                for (Iterator<R> iterator = list.iterator(); iterator.hasNext()&&found==null;) {
                    R currEntry = iterator.next();
                    if(comp.compare(entry, currEntry)==0)
                        found = currEntry;
                }
            }
            return found;
        }
    }
}

Done πŸ˜€