Design Patterns, protection proxy access issues
54 views
Skip to first unread message
stefa...@googlemail.com
Nov 8, 2008, 4:14:45 PM11/8/08
to The Java Posse
Hello everyone!
I'm writing a paper on Java Design Patterns. My topic is the protected
Proxy. I found several solutions how to implement such a proxy but
I'm not sure if I understand everything right.
The Proxy checks username and pw before the realobject is created.
It should be impossible to access the real class directly. In this
case the proxa would be useless, because I can run methods etc by
using the real subject bypassing the proxy access rules.
Al my classes are in the same Package.
<------------ MY INTERFACE ------------------------->
package protectedlproxy;
public interface ListFiles
{
public void setName(String aName);
public void setPasswort(String aPasswort);
public void listall(String path);
}
>-----------------------------------------------------------------<
< -------------- MY Proxy --------------------------------->
package protectedproxy;
import java.util.HashMap;
import java.util.Map;
/**
*
* @author keul-stefan
*/
public class ProxyListfiles implements ListFiles{
RealListfiles reallistfiles;
private String gName;
private String gPasswort;
private String errormessage = "";
private Map db = new HashMap();
public ProxyListfiles() {
try{
db.put("Keul","123456"); // bei initial festgelegte User
db.put("Zimmer","123456");
db.put("Paffrath","123456");
}catch(Exception dbput)
{
errormessage = dbput.toString();
System.out.println(this.errormessage);
}
}
public void setName(String aName){
gName = aName;
//listall();
}
public void setPasswort(String aPasswort){
gPasswort = aPasswort;
//listall();
}
public void listall(String path)
{
System.out.println("Name = " + this.gName + " Passwort = " +
this.gPasswort );
try{
Object t;
if (!this.gName.equals(null))
{
t = db.get(this.gName);
if (t.equals(this.gPasswort))
{
// Name u. Passwort stimme!
if (reallistfiles == null)
reallistfiles = new RealListfiles();
reallistfiles.listall(path);
}
}
}catch(Exception cc)
{
errormessage = cc.toString();
}
}
}
< -------------- MY Reallisfiles --------------------------------->
package protectedproxy;
import java.io.File;
/**
*
* @author keul-stefan
*/
class RealListfiles{
public void listall(String path){
File [] liste = new File(path).listFiles();
for (int i=0; i < liste.length; i++)
System.out.println(liste[i]);
}
}
< -------------- MY Client --------------------------------->
package protectedvirtualproxy;
/**
*
* @author keul-stefan
*/
public class Client {
public static void main(String[] args) {
ListFiles Proxy = new ProxyListfiles();
String name = "Keul";
String passwort= "123456";
Proxy.setName(name);
Proxy.setPasswort(passwort);
Proxy.listall("C:\\Windows\\");
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# END OF CODE #-#-#-#-#-
This ist ok!!
Proxy.setName(name);
Proxy.setPasswort(passwort);
Proxy.listall("C:\\Windows\\");
but 4 example,:
RealListfiles bypass;
bypass = new RealListfiles();
bypass.listall()
should be not possible
I would be very grateful for some advices. Help pls
Thx
I'm writing a paper on Java Design Patterns. My topic is the protected
Proxy. I found several solutions how to implement such a proxy but
I'm not sure if I understand everything right.
The Proxy checks username and pw before the realobject is created.
It should be impossible to access the real class directly. In this
case the proxa would be useless, because I can run methods etc by
using the real subject bypassing the proxy access rules.
Al my classes are in the same Package.
<------------ MY INTERFACE ------------------------->
package protectedlproxy;
public interface ListFiles
{
public void setName(String aName);
public void setPasswort(String aPasswort);
public void listall(String path);
}
>-----------------------------------------------------------------<
< -------------- MY Proxy --------------------------------->
package protectedproxy;
import java.util.HashMap;
import java.util.Map;
/**
*
* @author keul-stefan
*/
public class ProxyListfiles implements ListFiles{
RealListfiles reallistfiles;
private String gName;
private String gPasswort;
private String errormessage = "";
private Map db = new HashMap();
public ProxyListfiles() {
try{
db.put("Keul","123456"); // bei initial festgelegte User
db.put("Zimmer","123456");
db.put("Paffrath","123456");
}catch(Exception dbput)
{
errormessage = dbput.toString();
System.out.println(this.errormessage);
}
}
public void setName(String aName){
gName = aName;
//listall();
}
public void setPasswort(String aPasswort){
gPasswort = aPasswort;
//listall();
}
public void listall(String path)
{
System.out.println("Name = " + this.gName + " Passwort = " +
this.gPasswort );
try{
Object t;
if (!this.gName.equals(null))
{
t = db.get(this.gName);
if (t.equals(this.gPasswort))
{
// Name u. Passwort stimme!
if (reallistfiles == null)
reallistfiles = new RealListfiles();
reallistfiles.listall(path);
}
}
}catch(Exception cc)
{
errormessage = cc.toString();
}
}
}
< -------------- MY Reallisfiles --------------------------------->
package protectedproxy;
import java.io.File;
/**
*
* @author keul-stefan
*/
class RealListfiles{
public void listall(String path){
File [] liste = new File(path).listFiles();
for (int i=0; i < liste.length; i++)
System.out.println(liste[i]);
}
}
< -------------- MY Client --------------------------------->
package protectedvirtualproxy;
/**
*
* @author keul-stefan
*/
public class Client {
public static void main(String[] args) {
ListFiles Proxy = new ProxyListfiles();
String name = "Keul";
String passwort= "123456";
Proxy.setName(name);
Proxy.setPasswort(passwort);
Proxy.listall("C:\\Windows\\");
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# END OF CODE #-#-#-#-#-
This ist ok!!
Proxy.setName(name);
Proxy.setPasswort(passwort);
Proxy.listall("C:\\Windows\\");
but 4 example,:
RealListfiles bypass;
bypass = new RealListfiles();
bypass.listall()
should be not possible
I would be very grateful for some advices. Help pls
Thx
Martin OConnor
Nov 9, 2008, 6:25:07 AM11/9/08
to The Java Posse
Put the protected proxy and the real object into a single package.
The real object's constructor should be package private (default)
access.
Therefore only classes in that package, i.e. the Proxy can instantiate
the real object class.
You would then want to consider putting the files into a jar and using
the sealed package facility to ensure that client code could not be
created in the same package as the proxy.
On Nov 8, 9:14 pm, "stefan.k...@googlemail.com"
The real object's constructor should be package private (default)
access.
Therefore only classes in that package, i.e. the Proxy can instantiate
the real object class.
You would then want to consider putting the files into a jar and using
the sealed package facility to ensure that client code could not be
created in the same package as the proxy.
On Nov 8, 9:14 pm, "stefan.k...@googlemail.com"
stefa...@googlemail.com
Nov 9, 2008, 7:15:26 AM11/9/08
to The Java Posse
Thanks for your reply. I'll give it a try.
Reply all
Reply to author
Forward
0 new messages