Date: Wed, 26 May 2010 15:12:42 +0200
Subject: Re: [jr3] Security through obscurity
From: Thomas Müller
To: dev@jackrabbit.apache.org

> Not exposing implementation details through public API
> is a basic OO design principle.

> I think with a proper design and packaging, this will not be a problem.

I don't think you talk about the same thing here. Proper OO is using interfaces, and not casting to implementation classes.

For example, constructors. Those need to be public if you want to construct a new object in a different package. How do you create a org.apache.jackrabbit.j3.nodetype.NodeTypeManagerImpl from a different package, say, org.apache.jackrabbit.j3.SessionImpl, without public constructor or public method?

Maybe there is a way to do that. For you it may even be a "proper design", "modular" or whatever. Like what Jukka just made (adding an indirection class). For me, that's plain confusing, overly complex, and bad (it's security through obscurity). The direct way (having a public constructor) is the best solution.

That was just an example. There are many other cases, for example org.apache.jackrabbit.j3.NodeImpl.doAddLock(..).

Regards,
Thomas