Skip to main content

Spring boot Aspect Oriented Programming

What is AOP







AOP stands for Aspect Oriented Programming. It is mainly used to implement the Cross-Cutting concerns in applications. These are used to reduce the mix of the business logic from the NFR (Non Functional Requirements) like logging, performance monitoring, validations etc.

Also, these "Aspects" can be [should be] generalized and be located in a common library or package so that it can be easily upgraded / patched.

Further, these Aspects are to be implemented without bringing-in these Aspects into every service or business logic layer so that they can be less invasive and like autowired to get the job done without being omni-present.

Spring AOP helps us achieve this model by bringing in the support for the Aspects and help us wire these aspects at places where required.

Core Terms / Concepts

Aspect

This is the cross cutting concern like logging / time measurement / validation etc.

Join Point

The method execution. (Example: Executing a service method like CustomerService::addNewCustomer)

Advice

The hook where we want the logic to be placed like before execution of the method, after execution or before and after method execution. (An Advice can be thought to be similar to a pre-processor / post processor or a combination of both)

Point Cut

This indicates the expression or an indication of at which join point the advice to be executed. This is more like an identifier that helps AOP to find and run the Advice at the points defined. These can be identical to that of labels or markers which can be used to locate the code where the advice is to be executed.

Introduction

The process of adding a new field or an interface to a type (like C# static methods being used to add behavior to the existing classes)

Target Object

The object on which the Advice is being executed or planned to execute. Since spring uses proxies, this will normally be a proxy object

AOP Proxy

This is created by Spring AOP to execute the AOP contracts like advices / introductions to the target objects.

Weaving

This is a beautiful term IMHO. This is where the aspects are linked with the objects to create adviced objects. This can be done at compile time, load time or at Runtime by the Spring AOP framework

What are the types of Advices

1. Before
This is used to execute logic before the method is being executed

2. After returning
To execute the advice once the method has completed the execution

3. Around
To have our code run before and after the method execution. This can be thought of like having a workflow inside an Abstract class that invokes the concrete implementations

4. After throwing
To execute the logic after a method execution results in an exception

5. After finally
To execute the logic regardless of the state in which the method execution exits (be it erroring out with an exception [or] successfully complete execution)

Which one do I choose?



As the saying goes "The right choices you make, make your life", so it is applicable to the aspects as well.

Choose the right advice type that is least powerful so that the impact is less. For example, if the requirement is to operate on the result, we need to use either After finally or After returning so that we can focus on getting the data captured rather than focusing on the Around where we have logic to be executed before and after execution and the method execution needs to be triggered without fail

For more detailed point cut expressions, please refer to the official Spring documentation because some of the AspectJ expressions are not yet supported by Spring framework.

Labels:

Comments

Post a Comment

Popular posts from this blog

User Authentication schemes in a Multi-Tenant SaaS Application

User Authentication in Multi-Tenant SaaS Apps Introduction We will cover few scenarios that we can follow to perform the user authentication in a Multi-Tenant SaaS application. Scenario 1 - Global Users Authentication with Tenancy and Tenant forwarding In this scheme, we have the SaaS Provider Authentication gateway that takes care of Authentication of the users by performing the following steps Tenant Identification User Authentication User Authorization Forwarding the user to the tenant application / tenant pages in the SaaS App This demands that the SaaS provider authentication gateway be a scalable microservice that can take care of the load across all tenants. The database partitioning (horizontal or other means) is left upto the SaaS provider Service. Scenario 2 - Global Tenant Identification and User Authentication forwarding   In the above scenario, the tenant identification happens on part of the SaaS provider Tenant Identification gateway. Post which, the
Post a Comment
Read more

Handling exceptions in the Executor service threads in Java

Introduction This is a continuation post on the exception handling strategies in the threads in Java. For Introduction, please read this post The second post is available here This post addresses the problem statement "How to use the exception handlers in the threads spawned by the Executor Service in Java?" Not all times, we will be using Thread  classes to run our threads because we have to manage a lot of the underlying logic for managing threads. There is ExecutorService in Java which comes to the rescue for the above problem. In the previous posts, we have discussed on how to handle the exceptions in plain threads. However, when using executor service, we do not create / manage threads, so how do we handle exception in this case. We have a ThreadFactory   as an argument which can be used to customize the way threads are created for use within the ExecutorService . The below snippet of code leverages this feature to illustrate the exception handling, wherein we create a
Post a Comment
Read more

Download CSV file using JavaScript fetch API

Downloading a CSV File from an API Using JavaScript Fetch API: A Step-by-Step Guide Introduction: Downloading files from an API is a common task in web development. This article walks you through the process of downloading a CSV file from an API using the Fetch API in JavaScript. We'll cover the basics of making API requests and handling file downloads, complete with a sample code snippet. Prerequisites: Ensure you have a basic understanding of JavaScript and web APIs. No additional libraries are required for this tutorial. Step 1: Creating the HTML Structure: Start by creating a simple HTML structure that includes a button to initiate the file download. <!DOCTYPE html> < html lang = "en" > < head > < meta charset = "UTF-8" > < meta name = "viewport" content = "width=device-width, initial-scale=1.0" > < title > CSV File Download </ title > </ head > < body >
Post a Comment
Read more

SFTP and File Upload in SFTP using C# and Tamir. SShSharp

The right choice of SFTP Server for Windows OS Follow the following steps, 1. Download the server version from here . The application is here 2. Provide the Username, password and root path, i.e. the ftp destination. 3. The screen shot is given below for reference. 4. Now download the CoreFTP client from this link 5. The client settings will be as in this screen shot: 6. Now the code to upload files via SFTP will be as follows. //ip of the local machine and the username and password along with the file to be uploaded via SFTP. FileUploadUsingSftp("172.24.120.87", "ftpserveruser", "123456", @"D:\", @"Web.config"); private static void FileUploadUsingSftp(string FtpAddress, string FtpUserName, string FtpPassword, string FilePath, string FileName) { Sftp sftp = null; try { // Create instance for Sftp to upload given files using given credentials sf
2 comments
Read more

Implementing Row Level Security [RLS] for a Multi-Tenant SaaS Application

Row Level Security The need for row level security stems from the demand for fine-grained security to the data. As the applications are generating vast amounts of data by the day. Application developers are in need of making sure that the data is accessible to the right audience based on the right access level settings. Even today, whenever an application was built, the application development team used to spend a lot of time researching the approach, implementing multiple tables multiple logics 25 queries to add filters to manage the data security for every query that gets transferred from the end user request to the application database. This approach requires a lot of thought process, testing and security review because the queries needs to be intercepted, updated and the data retrieval to be validated to make sure the end-users see only the data that they are entitled to. Implementation With the advent of of row level security feature being rolled out in main d
Post a Comment
Read more