key ingredients of a service-oriented component:
Facade: Provides simplified, centralized access to the component and decouples the client from the concrete services. It is the
network and transaction boundary.
Service: The actual implementation of business logic.
Domain structure: This is a structure rather than an object. It implements the component's persistence and exposes all of its state to the
services, without encapsulation.
This convention not only standardizes the structure and improves maintainability, but also allows automatic dependency validation
with frameworks like JDepend, Checkstyle, Dependometer, SonarJ, or XRadar. You can even perform the validation at build time. If you do, the continuous build would break on violation of defined dependencies.
The rules are clearly defined with strict layering: a facade may access a service, and the service a domain object, but not
vice versa
Gas3 uses the principle of "Base" and customizable inherited classes that let you add methods to generated classes without facing the risk
of losing them when a new generation process is executed
5.3. Java Classes and Corresponding Templates
summary of templates used by the generator depending on the kind of Java class it encounters:
these templates are bundled in the granite-generator.jar archive, in the org.granite.generator.template
package and accessible as resources via the class loader
class: protocol is used because all standard templates are available in the classpath
Alternatively, you may use the file: protocol to load your template from the filesystem. These templates can be
specified either by using absolute paths (eg. file:/absolute/path/to/mytemplate.gsp) or paths relative to your
current Eclipse project root directory (eg. path/to/mytemplate.gsp).
ActionScript 3 generator is able to write AS3 typed client proxies for exposed remote services
Compared to the usual Flex RemoteObject, this can greatly help development by bringing
auto-completion
improved type-safety
in Flex
when using remote services.
replicate validation annotations in order to use the Flex side validation framework
Known Limitations
Gas3 does not support inner classes
must declare your classes in separated source files
if you want them to be correctly handled by the generator
How To Deal With Interfaces In Java EE 6 (or no more Impl)
In Java EE 6 interfaces became absolutely optional. Neither in EJB 3.1, nor CDI / JSR-330 you need interfaces. You can inject classes directly. They will be still proxied, so all aspects like persistence, transactions, interceptors, decorators are still available. So you are no more forced to implement interfaces by the container
used for:
Strategy Pattern: there are already several implementations of an algorithm or concept
Layering: there is a clear need to hide e.g. an ugly implementation of a legacy framework
API (not very common): you have to expose a API, which gets implemented by SPI (e.g. JDBC)
If you introduce interfaces intentionally - and not as a general rule, you will considerably reduce the number of files. Your code becomes easier to understand and so maintain
Even for decoupling purposes, interfaces are no more needed
"Contract First", "Coding To Interfaces" or "Decoupling"
is not a reason to introduce an interface for everything
Seam Security is built around the premise of users being granted roles and/or permissions, allowing them to
perform operations that may not otherwise be permissible for users without the necessary security privileges
15.6.1.1. What is a role?
A role is a group, or type, of user that may have been granted certain
privileges for performing one or more specific actions within an application
used to create logical groups of users for the convenient assignment of specific application privileges
15.6.1.2. What is a permission?
A permission is a privilege (sometimes once-off) for performing a single, specific action. It is entirely possible to
build an application using nothing but permissions, however roles offer a higher level of convenience when granting
privileges to groups of users
consisting of three
"aspects";
a target
an action
a recipient
An empty @Restrict implies a permission check of componentName:methodName
implied permission required to call the delete() method is
account:delete
equivalent of this would be to write
@Restrict("#{s:hasPermission('account','delete')}")
@Restrict annotation may reference any objects that
exist within a Seam context. This is extremely useful when performing permission checks for a specific
object instance.
selectedAccount
selectedAccount
Identity.instance().checkRestriction
If the expression specified doesn't evaluate to true, either
if the user is not logged in, a NotLoggedInException
exception is thrown or
if the user is logged in, an AuthorizationException
exception is thrown.
must be unpredictable (random enough) to prevent guessing attacks
good PRNG (Pseudo Random Number Generator) must be used
must provide at least 64 bits of entropy
Session ID Content (or Value)
content (or value) must be meaningless
identifier on the client side
meaning and business or application logic associated to the session ID must be stored on the server side
session objects or in a session management database or repository
create cryptographically strong session IDs through the usage of cryptographic hash functions such as SHA1 (160 bits).
Session Management Implementation
defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID
token expiration date and time
This is one of the reasons why cookies (RFCs 2109 & 2965 & 6265 [1]) are one of the most extensively used session ID exchange mechanisms, offering advanced capabilities not available in other methods
Transport Layer Security
use an encrypted HTTPS (SSL/TLS) connection for the entire web session
not only for the authentication
process where the user credentials are exchanged.
“Secure” cookie attribute
must be used to ensure the session ID is only exchanged through an encrypted channel
never switch a given session from HTTP to HTTPS, or viceversa
should not mix encrypted and unencrypted contents (HTML pages, images, CSS, Javascript files, etc) on the same host (or even domain - see the “domain” cookie attribute)
should not offer public unencrypted contents and private encrypted contents from the same host
www.example.com over HTTP (unencrypted) for the public contents
secure.example.com over HTTPS (encrypted) for the private and sensitive contents (where sessions exist)
only has port TCP/80 open
only has port TCP/443 open
“HTTP Strict Transport Security (HSTS)” (previously called STS) to enforce HTTPS connections.
Secure Attribute
instructs web browsers to only send the cookie through an encrypted HTTPS (SSL/TLS) connection
HttpOnly Attribute
instructs web browsers not to allow scripts (e.g. JavaScript or VBscript) an ability to access the cookies via the DOM document.cookie object
Domain and Path Attributes
instructs web browsers to only send the cookie to the specified domain and all subdomains
“Domain” cookie attribute
“Path” cookie attribute
instructs web browsers to only send the cookie to the specified directory or subdirectories (or paths or resources) within the web application
vulnerabilities in www.example.com might allow an attacker to get access to the session IDs from secure.example.com
Expire and Max-Age Attributes
“Max-Age”
“Expires” attributes
it will be considered a
persistent cookie
and will be stored on disk by the web browser based until the expiration time
use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.
