[NEW ISSUE] Problems with Java Client API classes

[Mike Edwards <mike_edwards@uk.ibm.com>]

Target:        
       sca-javacaa-1.1-spec-wd051.doc

Description:

The Java CAA specifications define the
Java Client interface and a set of Java classes that are used to support
the Client interface.

There are some problems with these Java
classes, as follows:

1) Call to get ThreadContextClassloader
needs Security wrapping:

SCAClientFactoryFinderImpl class

getThreadContextClassLoader () method

This method accesses the ThreadContextClassLoader without a doPriviledged wrapper, which gives problems when using this
code in a secured environment:

    private static ClassLoader getThreadContextClassLoader () {
        final ClassLoader threadClassLoader =
                Thread.currentThread().getContextClassLoader();
        return threadClassLoader;
    }

2) SCAClientFactoryFinderImpl class does not support a null Domain name

 instantiateSCAClientFactoryClass(...) method:

    private static SCAClientFactory instantiateSCAClientFactoryClass(
                            Class<? extends SCAClientFactory> factoryImplClass,
                        URI domainURI)
        throws NoSuchDomainException, ServiceRuntimeException {
       
        try {
            Constructor<? extends SCAClientFactory> URIConstructor =
                    factoryImplClass.getConstructor(domainURI.getClass());       <<-------- this method invocation
            SCAClientFactory provider =
               URIConstructor.newInstance( domainURI );

By using domainURI.getClass(), this code unnecessarily requires a non-null domainURI,, even if the eventual client Factory implementation
supports a null Domain name.

3) Properties not passed on the SCAClientFactory

SCAClientFactoryFinderImpl class
instantiateSCAClientFactoryClass(...) method:

Various of the client APIs provide the capability to pass a set of Properties to the SCAClientFactory, but the default code in the
SCAClientFactoryFinderImpl class does not pass these Properties to the underlying SCAClientFactory:

    private static SCAClientFactory instantiateSCAClientFactoryClass(
                            Class<? extends SCAClientFactory> factoryImplClass,      // 1)  <<----- no Properties parameter to the method
                        URI domainURI)
        throws NoSuchDomainException, ServiceRuntimeException {
       
        try {
            Constructor<? extends SCAClientFactory> URIConstructor =
                    factoryImplClass.getConstructor(domainURI.getClass());
            SCAClientFactory provider =
               URIConstructor.newInstance( domainURI );                         // 2)  <<------ no Properties parameter when creating the SCAClientFactory
            return provider;


Proposal:

1) Add a doPrivileged wrapped in the getThreadContextClassLoader() method:

     private static ClassLoader getThreadContextClassLoader () {
        return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
            public ClassLoader run() {
                return Thread.currentThread().getContextClassLoader();
            }
        });
    }

2)  Allow a null domainURI

Change the  instantiateSCAClientFactoryClass(...) method: to get the URI class directly:

         try {
            Constructor<? extends SCAClientFactory> URIConstructor =
                             factoryImplClass.getConstructor(URI.class);       //<<------- get the URI class directly
            SCAClientFactory provider =
               URIConstructor.newInstance( domainURI );
            return provider;


3) Add a Properties parameter to the instantiateSCAClientFactoryClass method and to the newInstance

     private static SCAClientFactory instantiateSCAClientFactoryClass(
                       Class<? extends SCAClientFactory> factoryImplClass,
                       URI domainURI, Properties properties)                // <<----- add Properties parameteer
        throws NoSuchDomainException, ServiceRuntimeException {

        try {
            Constructor<? extends SCAClientFactory> URIConstructor =
               factoryImplClass.getConstructor(URI.class, Properties.class);  //  <<---- look for the constructor with Properties parameter
            SCAClientFactory provider =
               URIConstructor.newInstance( domainURI, properties );           //  <<---- call newInstance with properties parameter
            return provider;
        } catch (Throwable ex) {
            throw new ServiceRuntimeException(


+ change the invocation of instantiateSCAClientFactoryClass(...) method in the find(...)
method:

    public SCAClientFactory find(Properties properties,
                                 ClassLoader classLoader,
                                 URI domainURI )
            throws NoSuchDomainException, ServiceRuntimeException {
                if (classLoader == null) {
                        classLoader = getThreadContextClassLoader ();
                }
                final String factoryImplClassName =
                        discoverProviderFactoryImplClass(properties, classLoader);
                final Class<? extends SCAClientFactory> factoryImplClass
                        = loadProviderFactoryClass(factoryImplClassName,
                                                           classLoader);
                final SCAClientFactory factory =
                        instantiateSCAClientFactoryClass(factoryImplClass,
                                                                   domainURI, properties );     // <<----  added properties parameter
                return factory;
        }




Yours, Mike

Dr Mike Edwards		Mail Point 137, Hursley Park
STSM		Winchester, Hants SO21 2JN
SCA & Services Standards		United Kingdom
Co-Chair OASIS SCA Assembly TC
IBM Software Group
Phone:	+44-1962 818014
Mobile:	+44-7802-467431 (274097)
e-mail:	mike_edwards@uk.ibm.com

---

Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU