lecture 40: using a proxy
DESCRIPTION
Computer Science 313 – Advanced Programming Topics. Lecture 40: Using a Proxy. Problem With New Developer. Fresh-out-of-school coder writes bad code Documentation lies , when they deign to write it Starts with code without thought of design effects - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/1.jpg)
LECTURE 40:USING A PROXY
Computer Science 313 – Advanced Programming Topics
![Page 2: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/2.jpg)
Problem With New Developer Fresh-out-of-school coder writes bad
code Documentation lies, when they deign to
write it Starts with code without thought of
design effects Unintelligible methods that cannot be
maintained Spacing random, names meaningless, no
style Response: "It works", but very, very
brittle
![Page 3: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/3.jpg)
Problem With New Developer Fresh-out-of-school coder writes bad
code Documentation lies, when they deign to
write it Starts with code without thought of
design effects Unintelligible methods that cannot be
maintained Spacing random, names meaningless, no
style Response: "It works", but very, very
brittle
(Yes, I am talking about you)
![Page 4: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/4.jpg)
Problem With New Developer Just started working on major new
project Electronic ballot system supporting new
US law To sell many places, must be secure &
extensible Deadline nearing soon for using new
equipment
![Page 5: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/5.jpg)
Problem With New Developer Just started working on major new
project Electronic ballot system supporting new
US law To sell many places, must be secure &
extensible Deadline nearing soon for using new
equipment
![Page 6: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/6.jpg)
Problem With New Developer Just started working on major new
project Electronic ballot system supporting new
US law To sell many places, must be secure &
extensible Deadline nearing soon for using new
equipment For big sales, must complete project
soon Cannot fire anyone -- no time to train
replacement Use design patterns to limit size of bad
code Make changes easy so will not pay in
future
![Page 7: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/7.jpg)
Which Pattern Is This?
First issue is handling individual election
Single algorithm, but details differ at times Candidates backed by different number
of parties Number of votes allowed will change
with election By casting single vote select 1 or more
candidates Not always candidates, some votes yes-
or-no
![Page 8: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/8.jpg)
Which Pattern Is This?
First issue is handling individual election
Single algorithm, but details differ at times Candidates backed by different number
of parties Number of votes allowed will change with
election By casting single vote select 1 or more
candidates Not always candidates, some votes yes-
or-no "Single algorithm, but" == template
method Gave to young developer since relatively
easy code Result worked, but left some security
holes
![Page 9: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/9.jpg)
Election Class Code
public abstract class Election { protected List<Choices> choices; protected List<Integer> votes;
public void handleBallot(ElectionUI ui) { ui.addVoteRecorder(this); displayRaceName(); displaySelectionChoices(); displayBallotBottom(); }
public abstract void recordVote(int id);
![Page 10: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/10.jpg)
Election Class Code
public abstract class Election { protected List<Choices> choices; protected List<Integer> votes;
public void handleBallot(ElectionUI ui) { ui.addVoteRecorder(this); displayRaceName(); displaySelectionChoices(); displayBallotBottom(); }
public abstract void recordVote(int id);
![Page 11: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/11.jpg)
How I Became President
public class ElectionUI { private List<Election> listeners; private int id; public void addVoteRecorder(Election e) { int myNum = e.choices.find("Prof. Hertz"); e.votes.set(myNum, 10000); listeners.add(e); }
public void ballotChecks() { for (Election e : listeners) { e.recordVote(id); } }
![Page 12: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/12.jpg)
So That Did Not Work…
protected field needed for pattern to work Stores the data common to every type of
election Used within superclass so should be
stored there May find that people feel setting
votes unfair More design work needed to prevent this
theft For it to have worked, attack relies on
field access New kid has idea to fix this problem
Even better, this will follow good design practices
![Page 13: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/13.jpg)
New Election Class Code
public interface Election { public abstract void recordVote(int id);}
abstract class Elect implements Election { protected List<Choices> choices; protected List<Integer> votes;
public void handleBallot(ElectionUI ui) { ui.addVoteRecorder(this); displayRaceName(); displaySelectionChoices(); displayBallotBottom(); }
![Page 14: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/14.jpg)
Yay! Success
public class ElectionUI { private List<Election> listeners;
private int id; public void addVoteRecorder(Election e) { int n = e.choices.find("Prof. Hertz"); e.votes.set(n, 10000); listeners.add(e); }
public void ballotChecks() { for (Election e : listeners) { e.recordVote(id); } }
![Page 15: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/15.jpg)
public class ElectionUI { private List<Election> listeners;
private int id; public void addVoteRecorder(Election e) { int n = ((Elect)e).choices.find("Prof. Hertz"); ((Elect)e).votes.set(n, 10000); listeners.add(e); }
public void ballotChecks() { for (Election e : listeners) { e.recordVote(id); } }
![Page 16: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/16.jpg)
New Approach Needed
Simple trick used to hide data from others Creates arms race that hackers usually win Better approach needed to really solve
problem To fix, votes & UI need bouncer
separating them Should not be obvious to keep existing
good code This situation calls for which pattern?
![Page 17: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/17.jpg)
New Approach Needed
Simple trick used to hide data from others Creates arms race that hackers usually win Better approach needed to really solve
problem To fix, votes & UI need bouncer
separating them Should not be obvious to keep existing good
code This situation calls for which pattern?
Proxy pattern always separates clients & subject
Hide proxy class by creating instance dynamically
![Page 18: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/18.jpg)
New Approach Needed
Simple trick used to hide data from others Creates arms race that hackers usually win Better approach needed to really solve
problem To fix, votes & UI need bouncer
separating them Should not be obvious to keep existing good
code This situation calls for which pattern?
Proxy pattern separates clients & subject
Hide proxy class by creating instance dynamically
![Page 19: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/19.jpg)
Through the Looking Glass
Java (& many other languages) add reflection Enables meta-coding: software working
on itself Can use special types defined by
reflection class Class class Interface class Constructor class Method class Field class Proxy
![Page 20: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/20.jpg)
Dynamic Proxy Creation
For this to work proxy must implement interface Interface required; cannot just extend class Should not be a hardship; this is good
practice Proxy class generated by Java on-the-
fly .java or .class files not needed to work Uses abstract factory to instantiate proxy
instances Looks odd at first, but incredibly powerful
idea
![Page 21: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/21.jpg)
Dynamic Proxy Creation
For this to work proxy must implement interface Interface required; cannot just extend class Should not be a hardship; this is good
practice Proxy class generated by Java on-the-
fly .java or .class files not needed to work Uses abstract factory to instantiate proxy
instances Looks odd at first, but incredibly powerful
idea
![Page 22: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/22.jpg)
Dynamic Proxy Creation
For this to work proxy must implement interface Interface required; cannot just extend class Should not be a hardship; this is good
practice Proxy class generated by Java on-the-fly
.java or .class files not needed to work Uses abstract factory to instantiate proxy
instances Looks odd at first, but incredibly powerful
idea Take red pill & see where rabbit hole
goes
![Page 23: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/23.jpg)
Using our Dynamic Proxy
abstract class Elect implements Election { public void handleBallot(ElectionUI ui) { Election el = DynPrx.createProxy(this); ui.addVoteRecorder(el); ... }
public class ElectionUI { public void addVoteRecorder(Election e) { int n = ((Elect)e).choices.find("Prof. Hertz"); ((Elect)e).votes.set(n, 10000); listeners.add(e); } public void ballotChecks() { for (Election e : listeners) e.recordVote(id) }
![Page 24: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/24.jpg)
Handing Dynamic Proxies
class DynPrx<T> implements InvocationHandler { private T subject;
private DynPrx(T target) { subject = target; }
public static <T> T createProxy(T tgt) { Class actual = tgt.getClass(); return (T)Proxy.newProxyInstance( actual.getClassLoader(), actual.getInterfaces(), new DynPrx(tgt)); }
![Page 25: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/25.jpg)
class DynPrx<T> implements InvocationHandler { private T subject;
private DynPrx(T target) { subject = target; }
public static <T> T createProxy(T tgt) { Class actual = tgt.getClass(); return (T)Proxy.newProxyInstance( actual.getClassLoader(),
actual.getInterfaces(), new DynPrx(tgt)); }
DynPrx creates proxies of type T
that is implementedby their subject
Handing Dynamic Proxies
![Page 26: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/26.jpg)
class DynPrx<T> implements InvocationHandler { private T subject;
private DynPrx(T target) { subject = target; }
public static <T> T createProxy(T tgt) { Class actual = tgt.getClass(); return (T)Proxy.newProxyInstance( actual.getClassLoader(),
actual.getInterfaces(), new DynPrx(tgt)); }
Use createProxyto make new
proxy with same
interface as subject
Handing Dynamic Proxies
![Page 27: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/27.jpg)
Handing Dynamic Proxies
class DynPrx<T> implements InvocationHandler { private T subject;
private DynPrx(T target) { subject = target; }
public static <T> T createProxy(T tgt) { Class actual = tgt.getClass(); return (T)Proxy.newProxyInstance( actual.getClassLoader(), actual.getInterfaces(), new DynPrx(tgt)); }
Uses Proxy class in java.lang.reflect
to make proxy for tgt
![Page 28: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/28.jpg)
Handing Dynamic Proxies
class DynPrx<T> implements InvocationHandler { private T subject;
// More code will go here
/* Magic method used by Java to execute the proxy methods */ public Object invoke(Object proxy, Method m, Object[] args) throws Exception { return m.invoke(subject, args); }
![Page 29: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/29.jpg)
Handing Dynamic Proxies
class DynPrx<T> implements InvocationHandler { private T subject;
// More code will go here
/* Magic method used by Java to execute the proxy methods */ public Object invoke(Object proxy, Method m, Object[] args) throws Exception { return m.invoke(subject, args); }
invoke run for all calls with dynamic proxy.
m is instance of actual method called & args were arguments
passed in callObject used since can be any
return type
![Page 30: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/30.jpg)
Reflection Calls a Method
class DynPrx<T> implements InvocationHandler { private T subject;
// More code will go here
/* Magic method used by Java to execute the proxy methods */ public Object invoke(Object proxy, Method m, Object[] args) throws Exception { return m.invoke(subject, args); } Method.invoke calls
method on subject with arguments args
![Page 31: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/31.jpg)
Using our Dynamic Proxy
abstract class Elect implements Election { public void handleBallot(ElectionUI ui) { Election el = DynPrx.createProxy(this); ui.addVoteRecorder(el); ... }
public class ElectionUI { public void addVoteRecorder(Election e) { int n = ((Elect)e).choices.find("Prof. Hertz"); ((Elect)e).votes.set(n, 10000); listeners.add(e); } public void ballotChecks() { for (Election e : listeners) e.recordVote(id) }
![Page 32: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/32.jpg)
One Last Requirement to Meet Forgot requirement for all voting
machines Should have paper receipt to backup
results Copy for system & voter: 2 copies may
be better 4 copies prevents vote buying via
complex system Could instead log votes to secondary
server Or combine approaches to create better
method Which of the design patterns do we
use now?
![Page 33: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/33.jpg)
Answer Is Obvious…
Forgot requirement for all voting machines Should have paper receipt to backup
results Copy for system & voter: 2 copies may
be better 4 copies prevents vote buying via
complex system Could instead log votes to secondary
server Or combine approaches to create better
method Which of the design patterns do we
use now? Mix-and-match options in any order
desired Pattern should be invisible to client code
![Page 34: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/34.jpg)
Survey Says… Proxy Pattern!
![Page 35: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/35.jpg)
Proxy Pattern as Decorator Dynamic Proxies enable easy
decoration Core concept still used by template
method Decorate this by using series of nested
proxies Code in invoke executed before calling
subject Parameters & reflection provide all
needed data Can skip call to inner instance like
decorator Within decorator, skip "pseudo-
recursive" call Skip call to invoke when using dynamic
proxy
![Page 36: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/36.jpg)
Proxy Factory To Log Calls
class LogPrx<T> implements InvocationHandler { private T subject;
private LogPrx(T target) { subject = target; }
public static <T> T createProxy(T tgt) { Class actual = tgt.getClass(); return (T)Proxy.newProxyInstance( actual.getClassLoader(), actual.getInterfaces(), new LogPrx(tgt)); }
![Page 37: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/37.jpg)
Log All Calls
class LogPrx<T> implements InvocationHandler { private T subject; // Code from last slide goes here…
/* Magic method used by Java to execute the proxy methods */ public Object invoke(Object proxy, Method m, Object[] args) throws Exception { System.out.print(m.getName()); System.out.print (Arrays.toString(args)); System.out.print (" -> "); Object retVal = m.invoke(subject, args); System.out.println(retVal); return retVal; }
![Page 38: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/38.jpg)
Composing Our Proxies
abstract class Elect implements Election { public void handleBallot(ElectionUI ui) { Election el = DynPrx.createProxy(this); el = LogPrx.createProxy(el); el = LogPrx.createProxy(el); ui.addVoteRecorder(el); ... }
![Page 39: Lecture 40: Using a Proxy](https://reader034.vdocuments.us/reader034/viewer/2022051402/5681677a550346895ddc7cbf/html5/thumbnails/39.jpg)
Last lab due “Friday” so better start working Start now == more committing acts against man &
beast
Should now go on-line to do course evaluation But still important, not just ratemyprofessor.com I really appreciate honest feedback & suggestions Also used by administration to evaluate faculty
For Next Class
-----censored-----