Solved: Advice on Started Threads
Moved the subject into a WeakHashMap keyed to Thread and
simply populated it based on the started thread =)
package org.skife.objectfilter;
public aspect AssociateSubjectWithSpawnedThreads
{
pointcut startThread(Thread thread): target(thread)
&& call(void java.lang.Thread.start());
before(Thread thread) : startThread(thread) {
Filter.instance().setSubject(thread, Filter.instance().getSubject());
}
}
Next glaring hole: block ability to change subject except when allowed by a given pointcut. Funny how most of the configuration for this tool is pointcut definition.
My goal for ObjectFilter, btw, is to give someone the ability to execute arbitrary code (Groovy, BeanShell, Jython, etc) in a VM, with access to the sources for whatever is in it, and still be able to prevent any information leakage =)
Pushed newest tarball as well. Lots of minor changes.
0 writebacks [/src/java/aop] permanent link
LazyWeb: Advice on Started Threads
Code shows the problem best, so... Given the following sample code:
public void testSubjectFollowsSpawnedThreads()
{
// Never allow access to teacher
rp.addRules(Teacher.class, new Rules()
{
public boolean allow(Object subject, Object object)
{
return false;
}
});
Teacher teacher = new Teacher("Mr. Brown");
final ClassRoom english = new ClassRoom(teacher);
filter.setSubject(new Object());
// Verify subject set on current thread
assertNull(english.getTeacher());
final boolean [] blocked = {false};
final boolean [] finished = {false};
Thread thread = new Thread(new Runnable()
{
public void run()
{
blocked[0] = (english.getTeacher() == null);
finished[0] = true;
}
});
thread.start();
while (!finished[0])
{
Thread.yield();
}
assertTrue(blocked[0]);
}
I am trying to define a pointcut in AspectJ to match the beginning of the execution of the Runnable associated with thread. I need to be able to access some static context in the spawning thread and pass it into the advice (the current security subject). I have tried a couple things and failed to get it right =( I am seriously thinking that a static thread-local subject may not be the best way of specifying the subject, but I don't have a better one. Any thoughts on pointcut definition?