自动检测来自java的外部调用
[英]automatically detecting external calls from java
问题描述
I work for an enterprise that has a many millions of lines of Java code base. 
我在一个拥有数百万行Java代码库的企业工作。 Unfortunately, there were very poor practices put in place to track when one java EAR calls another EAR on another system. 不幸的是,当一个java EAR在另一个系统上调用另一个EAR时,存在非常糟糕的实践来跟踪。 The problem gets even worse, we run DB2 and all the DB2 schemas run on the same data connection. 问题变得更糟,我们运行DB2并且所有DB2模式都在相同的数据连接上运行。 This means there is no standard way to look at a config file or database connection to even tell what databases the application accesses. 这意味着没有标准的方法来查看配置文件或数据库连接,甚至告诉应用程序访问哪些数据库。 This problem extends to other REST services, since we have REST data services, MQ systems, JMS, EJB RMI, etc. Trying to do impact analysis is a nightmare. 这个问题扩展到其他REST服务,因为我们有REST数据服务,MQ系统,JMS,EJB RMI等。尝试进行影响分析是一场噩梦。
Is there a tool that exists, maybe a findbugs plugin, that I can run on an application and have it generate a report of the systems that the application accesses? 是否存在一个工具,可能是一个findbugs插件,我可以在应用程序上运行并让它生成应用程序访问的系统的报告?
If not, if I put say TRACE on the java.io and java.nio to log everything, should that capture any network connections that Java attempts to make thru the app server? 如果没有,如果我在java.io和java.nio上说TRACE来记录所有内容,是否应该捕获Java试图通过应用服务器进行的任何网络连接?
My ultimate goal, if i can't find a static analysis system that can help with these problems, i would like to write some AOP app that would live between the EAR and WebSphere and log all outbound and possibly inbound connections to the EAR resources. 我的最终目标,如果我找不到可以帮助解决这些问题的静态分析系统,我想编写一些AOP应用程序,它将存在于EAR和WebSphere之间,并记录所有出站和可能的入站连接到EAR资源。
is this possible? 这可能吗?
1 个解决方案
解决方案1
1 已采纳 2015-03-19 09:14:53
Tricky one ;-) 棘手的一个;-)
Findbugs can help you identify all communication related places in the java code. Findbugs可以帮助您识别java代码中所有与通信相关的位置。 But you have to do some stuff for that: 但你必须为此做一些事情:
Identify all kinds of connections you want to flag (eg DB connections, EJB communication, ReST client code ...)
确定要标记的所有类型的连接(例如,DB连接,EJB通信,ReST客户端代码......) If you have that you need to write your own findbugs plugin which detect those places.
如果你有,你需要编写自己的findbugs插件来检测那些地方。 May sound complicated however depending on how many places you want to identify a versed developer can do that in 2-3 days I would guess. 可能听起来很复杂,但取决于你想要识别一个精通开发人员的地方可以在2-3天内做到这一点我猜。 As starting point have a look at the sourcecode of the available bug patterns in findbugs, look for a similar one and use that as a starting point. 作为起点,我们来看看findbugs中可用的bug模式的源代码,找一个类似的,并以此为出发点。 There are also lots of tutorials in the web on how to write your own bug pattern... 网上还有很多关于如何编写自己的bug模式的教程...... Configure findbugs to only use your bug pattern and run it on your code base (otherwise all the other bugs will clutter the result especially if your codebase is this huge).
配置findbugs只使用你的bug模式并在你的代码库上运行它(否则所有其他的bug都会使结果混乱,特别是如果你的代码库很大)。 Findbugs will generate a report / show you all the "communication" places...
Findbugs将生成一份报告/显示所有“通信”地点......
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.