wtorek, 31 stycznia 2017

Spring Security quick dive

To make authentication we need AuthenticationManager instance to call authenticate method on it passing Authentication object. There are couple classes that implement Authentication interface. AbstractAuthenticationToken - an abstract class AnonymousAuthenticationToken UsernamePasswordAuthenticationToken JaasAuthenticationToken RememberMeAuthenticationToken RunAsUserToken TestingAuthenticationToken PreAuthenticatedAuthenticationToken When we'd got authentication token we can validate it against registered AuthenticationProviders (eg. DaoAuthenticationProvider). What is interesting that when we'd got number of providers first one wins (only if returns null as a result authentication is fallbacked to the next provider).

poniedziałek, 30 stycznia 2017

How Spring look for bean definitions?

Scanning for beans

ConfigurationClassBeanDefinitionReader -> loadBeanDefinitionsForConfigurationClass

Constructor Resolver

autowireConstructor(beanName) Method responsible for finding out default parameters. AutoConfigurationPackages @AutoCondifurationPackage annotation user for registering


Four definition reader used. * AnnotationBeanDefintionReader * XmlBeanDefinitionReader * GroovyBeanDefinitionReader * ClassPathBeanDefinitionScanner

Scanning for bean definitions

Where: ClassPathScanningCandidateComponentProvider.java:265 public Set findCandidateComponents(String basePackage) 1. Constructs "search path" (e.g. "classpath*:org.example.services/*.class") 2. Takes all resources matching "search path" 3. If resource is readable it gathers it instantiate MetadataReader which basically is a facade for accessing class metadata such as annotations. 4. Next there is check against Exclude and Include filters. Exclude takes precedence. If class not match against includeFilter it is rejected.

Registering default filters

During creating SpringApplication "Include" filter always contains "Component" annotation type filter. Additionally both "javax.annotation.ManagedBean" (JSR-250) and "javax.inject.Named" (JST-330) are added if appropriate classes found on classpath.

środa, 11 stycznia 2017

Hibernate 5 schema validation internals

SchemaManagementToolCoordinator The static 'process' method takes 'metadata', 'serviceRegistry', 'properties' and 'delayedDropRegistry'. Based on 'properties' values the 'actions' are retrieved. SchemaValidatorImpl doValidation method takes Metadata and ExecutionOptions as a parameters.