soteria
soteria copied to clipboard
Published
20 hours ago •
eclipse-ee4j
eclipse-ee4j
Improve EL expression detection algorithm
Currently expressions are detected just by the use of AnnotationELProcessor#hasAnyELExpression(). But that method only checks wether the value of any attribute seems to be a valid EL expression.
That may work for String attributes, but for e.g. validationTypeExpression which is only used for expressions, you can now provide an invalid expression, and Soteria will think it just has no expressions. Example:
@LdapIdentityStoreDefinition(
/* ... */
useForExpression = "#{ssss}----"
)
Soteria will detect the value "is not an expression" and will fallback to the standard "useFor" attribute. This might confuse users when they think the expression is a valid one, but the runtime doesn't use it. In cases like this, I believe deployment should fail.
