ObjectFilter

What is ObjectFilter?

ObjectFilter raises the bar in application security by specifically controlling who has access to what objects. ObjectFilter allows you to specify a global set of rules to control access to any object in a given thread of execution.

ObjectFilter uses AspectJ to block access to object instances on an individual basis, for example:

    public void testBlockReference()
    {
        Filter filter = Filter.instance();
        filter.setActor(new Object());
        filter.addRules(Teacher.class, new Rules()
        {
            public boolean allow(Object actor, Object instance)
            {
                return false;
            }
        });

        Teacher mr_brown = new Teacher("Mr. Brown");
        ClassRoom english = new ClassRoom(mr_brown);
        // The rule denies every Teacher, so the filtered getter yields null.
        assertNull(english.getTeacher());
    }

    public void testAllowReference()
    {
        Filter filter = Filter.instance();
        filter.setActor(new Object());
        filter.addRules(Teacher.class, new Rules()
        {
            public boolean allow(Object actor, Object instance)
            {
                return true;
            }
        });

        Teacher mr_brown = new Teacher("Mr. Brown");
        ClassRoom english = new ClassRoom(mr_brown);
        assertEquals(mr_brown, english.getTeacher());
    }

Both the test cases above pass.

Additionally, there is (currently) limited support for filtering Collection instances that are retrieved. The collections being filtered must be allowed to be made unmodifiable, and right now must be declared as an interface type. This will improve. The best part about the collection filtering, though, is that if an object isn't visible, it won't be in the collection from the client code's perspective, as demonstrated by the following unit tests.

    public void testAllowAllStudents()
    {
        Filter filter = Filter.instance();
        filter.setActor(new Object());
        filter.addRules(Student.class, new Rules()
        {
            public boolean allow(Object actor, Object instance)
            {
                return true;
            }
        });

        Teacher mr_brown = new Teacher("Mr. Brown");
        Student[] students = new Student[]{new Student("Tim"),
                                           new Student("Suzie")};
        ClassRoom english = new ClassRoom(mr_brown, students);
        assertEquals(2, english.getStudents().size());
    }

    public void testAllowFirstStudentOnly()
    {
        Filter filter = Filter.instance();
        filter.setActor(new Object());
        filter.addRules(Student.class, new Rules()
        {
            // Stateful rule: admits only the first instance it is asked about.
            boolean first = true;

            public boolean allow(Object actor, Object instance)
            {
                if (first)
                {
                    first = false;
                    return true;
                }
                else
                {
                    return false;
                }
            }
        });

        Teacher mr_brown = new Teacher("Mr. Brown");
        Student[] students = new Student[]{new Student("Tim"),
                                           new Student("Suzie")};
        ClassRoom english = new ClassRoom(mr_brown, students);
        assertEquals(1, english.getStudents().size());
    }
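
The same idea as a stand-alone sketch, added here as an example and not ObjectFilter's own code: a per-thread actor and rule table, a denied reference returned as null, and a collection returned as a read-only view without the denied elements. The names `FilterSketch`, `check`, `checkAll` and the `tutor` field are hypothetical, and the getter calls the check by hand where ObjectFilter uses AspectJ.

```java
import java.util.*;
import java.util.function.BiPredicate;

// Hypothetical sketch of the filtering idea; not ObjectFilter's own classes.
public class FilterSketch {
    // One actor and one rule table per thread of execution.
    static final ThreadLocal<Object> ACTOR = new ThreadLocal<>();
    static final ThreadLocal<Map<Class<?>, BiPredicate<Object, Object>>> RULES =
            ThreadLocal.withInitial(HashMap::new);

    // Single reference: return the instance, or null when its rule denies it.
    static <T> T check(T instance) {
        if (instance == null) return null;
        BiPredicate<Object, Object> rule = RULES.get().get(instance.getClass());
        // Assumption of this sketch: a class without a rule passes through.
        return (rule == null || rule.test(ACTOR.get(), instance)) ? instance : null;
    }

    // Collection: denied elements are dropped and the result is unmodifiable.
    static <T> List<T> checkAll(List<T> items) {
        List<T> visible = new ArrayList<>();
        for (T item : items) {
            if (check(item) != null) visible.add(item);
        }
        return Collections.unmodifiableList(visible);
    }

    static final class Student {
        final String name, tutor;
        Student(String name, String tutor) { this.name = name; this.tutor = tutor; }
    }

    static final class ClassRoom {
        private final List<Student> students;
        ClassRoom(Student... s) { students = Arrays.asList(s); }
        // The getter is the choke point; the check is applied by hand here.
        List<Student> getStudents() { return checkAll(students); }
    }

    public static void main(String[] args) {
        ClassRoom english = new ClassRoom(new Student("Tim", "brown"), new Student("Suzie", "green"));
        // Stateless rule: an actor sees only the students they tutor.
        RULES.get().put(Student.class, (actor, s) -> ((Student) s).tutor.equals(actor));
        ACTOR.set("brown");
        System.out.println("brown sees " + english.getStudents().size());
        ACTOR.set("visitor");
        System.out.println("visitor sees " + english.getStudents().size());
    }
}
```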

ObjectFilter is available under the Apache 2.0 license. It requires AspectJ to run, and is very rough around the edges at the moment. That said, I am developing a different form of this for production now, and have never felt more secure from information leakage =)

The Source Tarball is available right now. This tarball does not include the AspectJ jars because of their size (only six megs, but I am paying for my own bandwidth here). AspectJ is available from eclipse.org.