4 Replies Latest reply on Jan 25, 2007 9:26 PM by Tony Herstell

    Can't inject into an Entity Bean...

    Tony Herstell Master

      Whats the preferred solution to this:

      Given:

      @Entity
      @Name("user")
      public class User implements Serializable {
      ...
      
       @NotNull(message="required")
       @Length(min = 5, max = 15)
       public String getPassword() {
       return password;
       }
      
       public void setPassword(String password) {
       this.password = password;
       }
      ...
      }
      


      What I REALLY want to do is this:
      @Entity
      @Name("user")
      public class User implements Serializable {
      
       @In(create=true)
       EncryptionControllerI encryptionController;
      
      ...
      
       @NotNull(message="required")
       @Length(min = 5, max = 15)
       public String getPassword() {
       return encryptionController.decrypt(password);;
       }
      
       public void setPassword(String password) {
       this.password = encryptionController.encrypt(password);
       }
      ...
      }
      


      Now you can't (it seems) inject into entity beans...

      So I move the encryption outside the bean...
      but now that makes my password over the 15 limit... so when I try to save it then I cant...

      so I make the max = 15 into max = 30 to accommodate the bigger crypted password... but then some moron puts a password in that 30 !! so that won't work.

      I wanted to cryption to be as close to the @Entity as possible so the only other option is to move all the cryption code into the @Entity (which means it has to go to the OS to read the key and create the cyfer which is really poor as it will do it every time an @Entity is created).

      Please advise.

        • 1. Re: Can't inject into an Entity Bean...
          Tony Herstell Master

          Moving it outside does not MAKE the key over 15 chars... you know what I am getting at though.

          • 2. Re: Can't inject into an Entity Bean...
            Gavin King Master

            You can use Component.getInstance().

            • 3. Re: Can't inject into an Entity Bean...
              Tony Herstell Master

               

              "gavin.king@jboss.com" wrote:
              You can use Component.getInstance().



              Thanks:
              
               /* Really this should to be 15; it was extended to allow for the crypt to take place!
               * A bad side effect is the GUI is now allowing upto 50 length.
               * This routine will still fail if you put a password in of close to 50 length as the crypt is longer that 50.
               * This really is an Aspect on the set/get Password! - ToDo
               */
               @NotNull(message="required")
               @Length(min = 5, max = 50)
               public String getPassword() {
               String theValueToReturn = null;
               if (password != null) {
               EncryptionController anEncryptionController = (EncryptionController) Component.getInstance("encryptionController", true);
               theValueToReturn = anEncryptionController.decrypt(password);
               }
               return theValueToReturn;
               }
              
               public void setPassword(String password) {
               if (password != null) {
               EncryptionController anEncryptionController = (EncryptionController) Component.getInstance("encryptionController", true);
               this.password = anEncryptionController.encrypt(password);
               } else {
               this.password = null;
               }
               }
              
               @NotNull(message="required")
               @Length(min = 5, max = 15)
               @Pattern(regex = "^\\w*$")
               public String getUsername() {
               return username;
               }
              


              • 4. Re: Can't inject into an Entity Bean...
                Tony Herstell Master

                Be wary of this method as you are talking to the database "through" the entity bean.
                So when the persistence implementation is putting and getting it is also crypting/decrypting.
                You end up having two crpyts or a double decrypt going on quite quickly and you fix it for a read from the database only to have it fail for a pure "create" call coming from your business logic.

                So, I have moved the crypt/decrypt into the business logic.

                :/