tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <cos...@costin.dnt.ro>
Subject Re: getContextPath reflection tricks are broken
Date Thu, 15 Jun 2000 20:34:54 GMT
> I guess that the new facade stuff has broken a part of Turbine where we were
> using a reflection hack to get around JSDK 2.0/2.2 issues. With the recent
> facade stuff checked into Tomcat CVS, we cannot use this trick any longer
> because the methods are not visible to us any longer.
> 
> Is there some way that this can be fixed in Tomcat to allow us to do the
> trick? See below for more details about the problem.

Hi Jon,

The Facade's purpose is to prevent downcasting - an application shouldn't
rely on any tomcat internals and shouldn't be able to access anything but
request methods.

A normal web application can't ( or shouldn't ) be able to access tomcat
objects unless "isTrusted" attribute is set.

There is no particular reason to have the Facade class non-public ( except
paranoia ). You can make HttpServletRequestFacade public if that'll fix
your code - it seems to be enough for reflection to work.
 
Everything is fine as long as the class is final ( can't be extended ) and
have no public constructors and no public methods except the ones in the
interface.

IMHO you should try to replace the reflection hack - this kind of code is
_very_ slow compared with direct invocation. You could use a facade too -
i.e. your own Request object, with a 2.2 and a 2.0 implementation. 

Costin 






Mime
View raw message