Rules available in this category:
Severity:
Medium
Rule:
Declare ejbPostCreate methods public
Reason:
Declare ejbPostCreate methods public
Usage Example:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.EntityBean;
public class Declare_public_ejbPostCreate_violation implements EntityBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
static void ejbPostCreate(String ID, String Name) // VIOLATION
{
//implementation
}
public String ejbCreate(String ID, String Name, String details) throws CreateException, RemoteException
{
//implementation
return ID;
}
public final void ejbPostCreate(String ID, String Name, String details) // VIOLATION
{
//implementation
}
}
Should be written as:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.EntityBean;
public class Declare_public_ejbPostCreate_correction implements EntityBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void ejbPostCreate(String ID, String Name) // CORRECTION
{
//implementation
}
public String ejbCreate(String ID, String Name, String details) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void ejbPostCreate(String ID, String Name, String details) // CORRECTION
{
//implementation
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
Avoid loading native libraries in a Bean class.
Reason:
Avoid loading native libraries in a Bean class.
Usage Example:
public class TestSession implements SessionBean
{
public void ejbCreate() throws CreateException
{
System.load("MyNativeLibrary"); // VIOLATION
// ...
}
// ...
}
Should be written as:
Avoid loading the native library.
Reference:
http://java.sun.com/blueprints/qanda/ejb_tier/restrictions.html
Severity:
Medium
Rule:
The EJB specification assigns to the EJB container the responsibility for managing threads.
Reason:
The EJB specification assigns to the EJB container the responsibility for managing threads.
Usage Example:
public class TestBean implements EntityBean
{
public void ejbCreate(int i) throws CreateException
{
Thread t = new Thread();
// ...
t.start(); // VIOLATION
// ...
}
// ...
}
Should be written as:
Avoid thread creation or management since its the EJB container's responsibility for managing threads.
Reference:
http://java.sun.com/blueprints/qanda/ejb_tier/restrictions.html
Severity:
Medium
Rule:
Avoid using non final static fields.
Reason:
Avoid using non final static fields.
Usage Example:
public class TestSession implements SessionBean
{
private static int someField = 1; // VIOLATION
// ...
}
Should be written as:
public class TestSession implements SessionBean
{
private static final int someField = 1; // FIXED
// ...
}
The autofix will be applied only if:
a. Field is private.
b. Field is not an array.
c. Field is not being modified.
Reference:
http://java.sun.com/blueprints/qanda/ejb_tier/restrictions.html#static_fields
Severity:
Medium
Rule:
It is preferable to reuse EJB homes.
Reason:
It is preferable to reuse EJB homes.
Usage Example:
import javax.servlet.*;
import javax.servlet.http.*;
import javax.rmi.*;
import javax.naming.*;
import javax.ejb.*;
public class PerformanceHit extends HttpServlet
{
public void transaction () throws ServletException
{
Context ctx = null;
try
{
ctx = new InitialContext (new java.util.Hashtable ());
Object homeObject = ctx.lookup ("JNDI NAME");
AppHome aHome = (AppHome)PortableRemoteObject.narrow (
homeObject, AppHome.class); //VIOLATION, Home interface should not be a local variable.
}
catch (Exception e)
{
throw new ServletException ("ERROR" +e.getMessage (), e);
}
finally
{
try
{
if (ctx != null)
{
ctx.close ();
}
}
catch (Exception e)
{
}
}
}
}
interface AppHome extends EJBHome
{
//...
}
Should be written as:
import javax.servlet.*;
import javax.servlet.http.*;
import javax.naming.*;
import javax.ejb.*;
public class NoMorePerformanceHit extends HttpServlet
{
private AppHome aHome = null; // cache Home interface.
public void init (ServletConfig config) throws ServletException
{
super.init (config);
Context ctx = null;
try
{
ctx = new InitialContext (new java.util.Hashtable ());
Object homeObject = ctx.lookup ("JNDI NAME");
aHome = (AppHome)javax.rmi.PortableRemoteObject.narrow (
homeObject, AppHome.class);
}
catch (Exception e)
{
throw new ServletException ("ERROR" +e.getMessage (), e);
}
finally
{
try
{
if (ctx != null)
{
ctx.close ();
}
} catch (Exception e) {}
}
}
}
interface AppHome extends EJBHome {}
Reference:
"Core J2EE Patterns - Best Practices and Design Strategies" - by Deepak Alur, John Cupri and Dan Malks.
Severity:
Medium
Rule:
It violates the EJB specification.
Reason:
It violates the EJB specification.
Usage Example:
import javax.ejb.*;
//...
public abstract class MyBeanCMP implements EntityBean
{
//....
public void someMethod()
{
doStuff ( this ); // VIOLATION
}
}
Should be written as:
Use 'getEJBObject ()' available in SessionContext or EntityContext.
import javax.ejb.*;
//...
public abstract class MyBeanCMP implements EntityBean
{
//....
public void someMethod()
{
doStuff ( myContext.getEJBObject() ); // CORRECTION
}
}
Reference:
Severity:
Medium
Rule:
Avoid calling finder methods in ejbLoad method
Reason:
Avoid calling finder methods in ejbLoad method
Usage Example:
public class OrderBean implements EntityBean {
private long orderId;
private String orderName;
private long lineItemId; // FK to the child table LineItems table
private Collection lineItems; // child data from LineItems table
public void ejbLoad() {
// step1: select orderId, orderName and lineItemId from Order table
/* step2: get lineItems by looking up LineItem entity bean
: look up LineItem home reference through JNDI
lineItems = lineItemHome.findLineItems(lineItemId); // VIOLATION
*/
}
public Collection getLineItems(){
return lineItems;
}
Should be written as:
public class OrderBean implements EntityBean {
private long orderId;
private String orderName;
private long lineItemId; // FK to the child table LineItems table
private Collection lineItems; // child data from LineItems table
public void ejbLoad() {
// step1: select orderId, orderName and lineItemId from Order table
}
public Collection getLineItems(){
/* step2: get lineItems by looking up LineItem entity bean
: look up LineItem home reference through JNDI
lineItems = lineItemHome.findLineItems(lineItemId);
*/
return lineItems;
}
Reference:
http://www.precisejava.com/javaperf/j2ee/EJB.htm
Severity:
Critical
Rule:
Finder methods should always have public access and should not be declared final nor static.
Reason:
Finder methods should always have public access and should not be declared final nor static.
Usage Example:
Should be written as:
Reference:
"Enterprise JavaBeans Tutorial".
Severity:
Critical
Rule:
Finder methods should always return either the bean's component interface or a collection.
Reason:
Finder methods should always return either the bean's component interface or a collection.
Usage Example:
import javax.ejb.*;
import java.rmi.RemoteException;
import java.util.Collection;
public interface CustomerHome extends EJBHome
{
public Customer create (String first, String last) throws CreateException, RemoteException;
public String findByPrimaryKey( String key ) throws FinderException, RemoteException; // VIOLATION
public Customer[] findByCity( String city ) throws FinderException, RemoteException; // VIOLATION
}
Should be written as:
import javax.ejb.*;
import java.rmi.RemoteException;
import java.util.Collection;
public interface CustomerHome extends EJBHome
{
public Customer create (String first, String last) throws CreateException, RemoteException;
public Customer findByPrimaryKey( String key ) throws FinderException, RemoteException;
public Collection findByCity( String city ) throws FinderException, RemoteException;
}
Reference:
"Enterprise JavaBeans Tutorial".
"Enterprise JavaBeans Tutorial".
Severity:
Critical
Rule:
Create methods in remote and local home interfaces should always throw javax.ejb.CreateException.
Reason:
Create methods in remote and local home interfaces should always throw javax.ejb.CreateException.
Usage Example:
Should be written as:
Reference:
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf
Severity:
Critical
Rule:
Finder methods in remote and local home interfaces should always throw javax.ejb.FinderException.
Reason:
Finder methods in remote and local home interfaces should always throw javax.ejb.FinderException.
Usage Example:
Should be written as:
Reference:
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf
Severity:
Critical
Rule:
Session and entity beans should implement atleast one ejbCreate() method.
Reason:
Session and entity beans should implement atleast one ejbCreate() method.
Usage Example:
Should be written as:
Reference:
"Enterprise JavaBeans Tutorial".
Severity:
Critical
Rule:
Message-driven beans should implement ejbCreate() method.
Reason:
Message-driven beans should implement ejbCreate() method.
Usage Example:
Should be written as:
Reference:
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf P.316 15.4.4
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf P.316 15.4.4
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf P.316 15.4.4
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf P.316 15.4.4
Severity:
Critical
Rule:
All remote and remote home interface methods should throw java.rmi.RemoteException
Reason:
All remote and remote home interface methods should throw java.rmi.RemoteException
Usage Example:
Should be written as:
Reference:
ftp://ftp.java.sun.com/pub/ejb/947q9tbb/ejb-2_0-fr2-spec.pdf P.97
Severity:
Medium
Rule:
Always define a default constructor for bean.
Reason:
Always define a default constructor for bean.
Usage Example:
package com.rule;
import javax.ejb.EntityBean;
public class Define_default_public_constructor_for_bean_violation implements EntityBean
{
Define_default_public_constructor_for_bean_violation(String str) // VIOLATION
{
}
}
Should be written as:
package com.rule;
import javax.ejb.EntityBean;
public class Define_default_public_constructor_for_bean_correction implements EntityBean
{
public Define_default_public_constructor_for_bean_correction() // CORRECTION
{
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Critical
Rule:
Checks if the local home interface satisfies the requirements.
Reason:
Checks if the local home interface satisfies the requirements.
Usage Example:
import javax.ejb.CreateException;
import javax.ejb.FinderException;
public interface InputLocalHomeInterface
extends javax.ejb.EJBLocalHome
{
public Boolean createBoolean(boolean aParam)
throws CreateException; // VIOLATION
abstract void createAName(String name); // VIOLATION
abstract void findByName(String name); // VIOLATION
public Boolean findByBoolean(boolean aParam)
throws FinderException; // VIOLATION
public void someMethod() throws java.rmi.RemoteException; // VIOLATION
}
Should be written as:
import javax.ejb.CreateException;
import javax.ejb.FinderException;
public interface InputLocalHomeInterface
extends javax.ejb.EJBLocalHome
{
public LocalComponentInterface createBoolean(boolean aParam)
throws CreateException;
abstract LocalComponentInterface createAName(String name) throws CreateException;
abstract LocalComponentInterface findByName(String name) throws FinderException;
public java.util.Collection findByBoolean(boolean aParam)
throws FinderException;
public void someMethod();
}
Reference:
Enterprise JavaBeansTM Specification,Version 2.0
Severity:
Medium
Rule:
Explicitly remove stateful session beans when finished with them.
Reason:
Explicitly remove stateful session beans when finished with them.
Usage Example:
package com.rule;
import javax.servlet.http.HttpServlet;
import javax.ejb.SessionBean;
public class Remove_stateful_session_beans_when_finished_violation extends HttpServlet
{
private SessionBean bean;
private void clenUp()
{ // VIOLATION
}
}
Should be written as:
package com.rule;
import javax.servlet.http.HttpServlet;
import javax.ejb.SessionBean;
public class Remove_stateful_session_beans_when_finished_correction extends HttpServlet
{
private SessionBean bean;
private void clenUp()
{
bean.remove(); // CORRECTION
}
}
Reference:
http://www.geocities.com/javabestpractices/ejb.html
Severity:
Medium
Rule:
Bean classes should be declared public.
Reason:
Bean classes should be declared public.
Usage Example:
package com.rule;
import javax.ejb.EntityBean;
class Declare_bean_class_public_violation implements EntityBean // VIOLATION
{
public static String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public final String ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException
{
//implementation
return ID;
}
}
Should be written as:
package com.rule;
import javax.ejb.EntityBean;
public class Declare_bean_class_public_correction implements EntityBean // CORRECTION
{
public static String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public final String ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException
{
//implementation
return ID;
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
Do not declare bean class abstract
Reason:
Do not declare bean class abstract
Usage Example:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.SessionBean;
public abstract class Do_not_declare_bean_class_abstract_violation implements SessionBean // VIOLATION
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
}
Should be written as:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.SessionBean;
public class Do_not_declare_bean_class_abstract_correction implements SessionBean // CORRECTION
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
Entity beans should be accessed only from session beans
Reason:
Entity beans should be accessed only from session beans
Usage Example:
package com.rule;
import javax.servlet.http.HttpServlet;
import javax.ejb.EntityBean;
public class Access_entity_beans_only_from_session_beans_violation extends HttpServlet // VIOLATION
{
private EntityBean bean;
}
Should be written as:
package com.rule;
import javax.ejb.EntityBean;
import javax.ejb.SessionBean;
public class Access_entity_beans_only_from_session_beans_correction implements SessionBean // CORRECTION
{
private EntityBean bean;
}
Reference:
http://www-4.ibm.com/software/webservers/appserv/ws_bestpractices.pdf
http://www.javaperformancetuning.com/tips/rawtips.shtml
Severity:
Medium
Rule:
For each ejbCreate method, you must write an ejbPostCreate method in the entity bean class.
Reason:
For each ejbCreate method, you must write an ejbPostCreate method in the entity bean class.
Usage Example:
package com.rule;
import javax.ejb.EntityBean;
public class Avoid_unused_ejbPostCreate_violation implements EntityBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void ejbPostCreate(String ID, String Name)
{
//implementation
}
public void ejbPostCreate(String ID, String Name, String Details) // VIOLATION
{
//implementation
}
}
Should be written as:
package com.rule;
import javax.ejb.EntityBean;
public class Avoid_unused_ejbPostCreate_correction implements EntityBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void ejbPostCreate(String ID, String Name)
{
//implementation
}
/* // CORRECTION
public void ejbPostCreate(String ID, String Name, String Details)
{
//implementation
}
*/
}
Reference:
http://java.sun.com/j2ee/sdk_1.2.1/techdocs/guides/ejb/html/Entity3.html
Severity:
Medium
Rule:
Every ejbPostCreate method should have void as the return type.
Reason:
Every ejbPostCreate method should have void as the return type.
Usage Example:
Should be written as:
Reference:
"Enterprise JavaBeans Tutorial".
Severity:
Medium
Rule:
Define getter and setter methods for private instance fields.
Reason:
Define getter and setter methods for private instance fields.
Usage Example:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.EJBException;
import javax.ejb.EntityBean;
import javax.ejb.EntityContext;
import javax.ejb.RemoveException;
public class Define_getter_setter_for_private_fields_violation implements EntityBean
{
private int myField; // VIOLATION
public void setEntityContext(EntityContext arg0) throws EJBException, RemoteException{}
public void unsetEntityContext() throws EJBException, RemoteException{}
public void ejbRemove() throws RemoveException, EJBException, RemoteException{}
public void ejbActivate() throws EJBException, RemoteException{}
public void ejbPassivate() throws EJBException, RemoteException{}
public void ejbLoad() throws EJBException, RemoteException{}
public void ejbStore() throws EJBException, RemoteException{}
}
Should be written as:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.EJBException;
import javax.ejb.EntityBean;
import javax.ejb.EntityContext;
import javax.ejb.RemoveException;
public class Define_getter_setter_for_private_fields_correction implements EntityBean
{
private int myField; // CORRECTION
public int getMyField()
{
return myField;
}
public void setMyField(int i)
{
myField = i;
}
public void setEntityContext(EntityContext arg0) throws EJBException, RemoteException{}
public void unsetEntityContext() throws EJBException, RemoteException{}
public void ejbRemove() throws RemoveException, EJBException, RemoteException{}
public void ejbActivate() throws EJBException, RemoteException{}
public void ejbPassivate() throws EJBException, RemoteException{}
public void ejbLoad() throws EJBException, RemoteException{}
public void ejbStore() throws EJBException, RemoteException{}
}
Reference:
http://www-sop.inria.fr/semir/personnel/Patrick.Itey/cours/j2ee/Tps/tp2/tp2.html
Severity:
Medium
Rule:
Do not define finalize () method in bean classes.
Reason:
Do not define finalize () method in bean classes.
Usage Example:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.EJBException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
public class Do_not_define_finalize_in_bean_violation implements SessionBean
{
protected void finalize() // VIOLATION
{
}
public void setSessionContext(SessionContext arg0) throws EJBException, RemoteException
{
}
public void ejbRemove() throws EJBException, RemoteException
{
}
public void ejbActivate() throws EJBException, RemoteException
{
}
public void ejbPassivate() throws EJBException, RemoteException
{
}
}
Should be written as:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.EJBException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
public class Do_not_define_finalize_in_bean_correction implements SessionBean
{
/* // CORRECTION
protected void finalize()
{
}
*/
public void setSessionContext(SessionContext arg0) throws EJBException, RemoteException
{
}
public void ejbRemove() throws EJBException, RemoteException
{
}
public void ejbActivate() throws EJBException, RemoteException
{
}
public void ejbPassivate() throws EJBException, RemoteException
{
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
The ejbCreate methods should not be static or final
Reason:
The ejbCreate methods should not be static or final
Usage Example:
package com.rule;
import javax.ejb.EntityBean;
public class Avoid_making_ejbCreate_methods_static_final_violation implements EntityBean
{
public static String ejbCreate(String ID, String Name) throws CreateException, RemoteException // VIOLATION
{
//implementation
return ID;
}
public final String ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException // VIOLATION
{
//implementation
return ID;
}
}
Should be written as:
package com.rule;
import javax.ejb.EntityBean;
public class Avoid_making_ejbCreate_methods_static_final_correction implements EntityBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException // CORRECTION
{
//implementation
return ID;
}
public String ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException // CORRECTION
{
//implementation
return ID;
}
}
Reference:
http://info.borland.com/devsupport/appserver/faq/Contract_for_Entity.html
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
ejbCreate method should always return void.
Reason:
ejbCreate method should always return void.
Usage Example:
package com.rule;
import javax.ejb.SessionBean;
public class ejbCreate_methods_should_return_void_violation implements SessionBean
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
// ...
return ID; // VIOLATION
}
public String ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException
{
// ...
return ID; // VIOLATION
}
}
Should be written as:
package com.rule;
import javax.ejb.SessionBean;
public class ejbCreate_methods_should_return_void_correction implements SessionBean
{
public void ejbCreate(String ID, String Name) throws CreateException, RemoteException // CORRECTION
{
//implementation
}
public void ejbCreate(String ID, String Name, String Details) throws CreateException, RemoteException // CORRECTION
{
//implementation
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html
Severity:
Medium
Rule:
Do not declare bean classes as final.
Reason:
Do not declare bean classes as final.
Usage Example:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.EJBException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
public final class Do_not_declare_bean_class_final_violation implements SessionBean // VIOLATION
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void setSessionContext(SessionContext arg0) throws EJBException, RemoteException
{
}
public void ejbRemove() throws EJBException, RemoteException
{
}
public void ejbActivate() throws EJBException, RemoteException
{
}
public void ejbPassivate() throws EJBException, RemoteException
{
}
}
Should be written as:
package com.rule.ejb;
import java.rmi.RemoteException;
import javax.ejb.CreateException;
import javax.ejb.EJBException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
public class Do_not_declare_bean_class_final_correction implements SessionBean // CORRECTION
{
public String ejbCreate(String ID, String Name) throws CreateException, RemoteException
{
//implementation
return ID;
}
public void setSessionContext(SessionContext arg0) throws EJBException, RemoteException
{
}
public void ejbRemove() throws EJBException, RemoteException
{
}
public void ejbActivate() throws EJBException, RemoteException
{
}
public void ejbPassivate() throws EJBException, RemoteException
{
}
}
Reference:
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/BMP2.html#62922
http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Session2.html