[Opensource] prePerform(), postPerform() Template Methods
larry hamel
expresso at codeguild.com
Mon Nov 17 21:12:15 PST 2003
hi Peter,
At 05:46 PM 11/17/2003, you wrote:
>Yet it does not make quite sense for the Controller class itself.
>The preprocessing method would be executed before any state method is called,
>and postprocessing method would be executed after any state method.
>
>Is this what you really want? Two global hooks across all the StateMethods
>in the call. What is the design case here?
yes, I think so. the use-case is headers and footers which are common across a group of states. we group such states in one controller.
>If you do modify it, then consider the security implications.
>
>A subclass could gain access to a guarded state method that is blocked
>in a superclass. The information in the request scope is available to
>the pre-hook method and thus sensitive information could be usurped.
usurped by someone who is executing malicious code in a state? if the bad guys are executing code, is there any hope for the good guys?
>Also what happens to the exception handling?
good point, but what happens now? If you throw an exception on the very last line of the state, there is no rollback for the preceding 99%. There is no transaction encapsulation for all the behaviors that might happen during a Web request w/o pre/post processing hooks, so it does not seem unreasonable to throw the same exceptions in pre/post.
>If an exception is raised in the pre-hook does that abort the process.
yes
>The Struts Request Processor is getting changed to Common Chains.
>
>The Common Chains may be way for Expresso Framework to hand out
>low level `Controller', which is subclass of the Struts Action class.
>We could have Expresso Commands to handle business operation just
>like we have in the Controllers but instead these `Expresso Commands'
>would be must more standalone, independent, and lighter in weight.
>They could be chained together to business flow-like applications.
sounds good, let's look at that when it is available.
the code is checked in if you'd like to look at it or change it.
larry
More information about the Opensource
mailing list