• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Using Suppliers to pass variable references around an application

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For example I have an api client module which needs an api key to function, in the interest of keeping this hidden the value is stored in a char[] and the reference is passed around using Java 8 Suppliers that are generated using the :: syntax.

I theorized some class like this:
The idea being that to be able to use the key you have to be in the same package and a subclass of this "container"



Is this going overboard or not really doing anything for me?
Any other thoughts and feelings welcome!
 
Saloon Keeper
Posts: 15510
363
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Joseph, welcome to CodeRanch!

This is not going to work because classes can access protected members of classes in the same package regardless of whether they inherit from them or not.

The layer of indirection you add using Supplier is not going to actually do anything, you might as well just use an array reference directly.

You should also avoid global state: don't use static variables.

The solution is actually quite simple: classes that require the key should request them using constructor/method parameters, and classes that have a key should only pass them to classes they trust.

By the way, limiting the visibility of the key is not going to do anything security-wise. When any object in your application has the key, anybody with access to your system can just dump the memory and read it.
 
reply
    Bookmark Topic Watch Topic
  • New Topic