Behavioral Patterns - Chain of Responsibility Pattern Exercise

behavioral-patterns-chain-of-responsibility-pattern-exercise

The Chain of Responsibility Pattern is very useful to avoid coupling the sender of a request to its receiver by giving more than one object a chance to handle the request. Chain the receiving objects and pass the request along with the chain until an object handles it. We will implement a naïve security filter chain using this pattern in our practice exercise. You will certainly enjoy this exercise as it is a great way to get you totally master this pattern.

Reading Materials

  1. https://en.wikipedia.org/wiki/Chain-of-responsibility_pattern (15 minutes reading)

Practice Materials

  1. Use chain of responsibility pattern to create a naive security filter chain that will check the following responsibilities in order:
  1. If any endpoint matches the request
  • False - return Not Found
  1. If the endpoint has any security rules
  • False - return Resource
  1. If the request contains any authorization header
  • False - return Unauthorized request
  1. If the authorization is approved
  • False - return Invalid authorization
  1. return Resource

Components

  • Handler (Interface for handling requests)
  • ConcreteHandler (Handle the request it is the responsibility for or forwards it to its successor)
  • Client (Initiate the request to a ConcreteHandler object on any part of the chain, in this example, it should start from the the first filter)

Tips

  • you may create a Helper class to handle some conditional logic

Solution

Naive Security Chain Example

Questions to discuss

  1. What are the common use cases to apply a Chain of Responsibility?
  2. What features are there in the application when you see that you should apply the Chain of Responsibility pattern?

Comments

Post a Comment

Popular posts from this blog

Creating a Library Project for Spring Boot

creating-a-library-project-for-spring-boot This article introduces the key points when creating a library for spring boot project. It could be common that over the years you have created a number of services that could be reused by other spring projects. It then makes sense to make the reusable modules such as a library and install it in your local repository for later use. Here are the key points to consider when building a spring boot library. release version build plugin dependency injection autoconfigurations Release Version To guarantee spring boot works the way you expect, it is recommended to keep update the release versions of the library so that it supports some versions of the spring boot minor version. A good practice is to monitor change spring boot changelog and see if there are any conflicting dependencies that are used in the library project. If there is, introduce a new version to resolve the conflict. Build Plugin If the projects refere
Read more

Spring Data Repository Query Precedence Tricks

spring-data-repository-query-precedence-tricks Spring Data repository method is very handy but it also comes with its limitation, especially when composed with condition precedence. This article shows one way to work with it and its caveats. Use Case Given the following type: @Entity public class Book { @Id private Long id ; private String title ; private String edition ; // Getters and Setters ... } 1. check if there is any book whose title or edition matches the specified. This one is easy to come up with. We could simply use the keyword Or to compose the query: boolean existsByTitleOrEdition ( String title , String edition ) ; 2. check if there is any book whose title or edition matches the specified and is not itself. This one looks just as easy as the first one, we could have just added another condition and compose with the keyword And : boolean existsByTitleOrEditionAndIdIsNot ( String title , String edi
Read more

Overwriting Spring Security Context through Filter

overwriting-spring-security-context-through-filter This article presents a strategy that overwrites the spring security context in order to allow a user to visit the resources without authenticating the user through the authentication filters. It is very common that in a single-sign-on application to use a session store to persist the session information after the user has successfully signed in. Spring Session magically takes care this for us if we add @enableXxxHttpSession to the application configuration. While it is convenient to use an out-of-the-box solution, it is extremely helpful to implement one so each fundamental part of this pattern can be fully understood. This insight can improve the efficiency of the code by way of a more optimal choice of scope for any session store, even to make a home-made one. We will create a javax.servlet.Filter implementation so we could add this filter as part of the security filter chain. The place this filter should
Read more