ansaurus

Question

Spring: Injecting Resource as InputStream into a factory-method

Answer 1

+3 A:

Use the factory-method approach together with a constructor-arg (that will be mapped to a factory method argument) and automatically converted to an InputStream from a resource notation.

<bean id="policy" class="org.owasp.validator.html.Policy"
    factory-method="getInstance">

    <!-- type needed because there is also a getInstance(String) method -->
    <constructor-arg
        value="classpath:path/to/policyFile.xml"
        type="java.io.InputStream" />

</bean>

See the following parts of the Spring Reference:

Instantiation with a static factory method
Built-in Property Editors (InputStreamEditor is relevant here)
Examples of Dependency Injection (last section is about constructor-arg used in the context of a static factory-method)

seanizer 2010-09-02 10:52:24

Hey, I didn't realise Spring could coerce to `InputStream`, that's neat. Note, however, that Spring will not close the `InputStream` itself, it assumes the bean will do it. If the `Policy` class doesn't close that stream, then you'll end up with a leak.

skaffman 2010-09-02 11:13:41

Well observed. Policy does not close the InputStream: http://code.google.com/p/owaspantisamy/source/browse/trunk/Java/current/antisamy-project/antisamy/src/main/java/org/owasp/validator/html/Policy.java#210 . This should be reported as a bug, I guess

seanizer 2010-09-02 11:16:01

Hm, then I will open and close the InputStream in java-code.However, the construct <constructor-arg value="classpath:path/to/policyFile.xml" />looks neat, but when I try it out, I get a FileNotFoundException, that tells me it can not find 'classpath:tempo-antisamy.xml'. Somehow the classpath prefix is not separated from the filename

nebenmir 2010-09-02 11:25:54

@seanizer: I don't think this is a bug in `Policy`. It's good practise to close stream sin the same piece of code that opens them, and this would break that practise.

skaffman 2010-09-02 11:27:43

@nebenmir: obvious. It's trying to instantiate the method with the string parameter: http://code.google.com/p/owaspantisamy/source/browse/trunk/Java/current/antisamy-project/antisamy/src/main/java/org/owasp/validator/html/Policy.java#158 I'll try to see what we can do about that...

seanizer 2010-09-02 11:32:28

@nebenmir: fixed, see update

seanizer 2010-09-02 11:35:20

Answer 2

+2 A:

@seanizer's solution would be a good one if Policy closed the InputStream after it was finished reading from it, but apparently it doesn't. This will result in a leak, the severity of which depends how often it is called, and the nature of the resource.

To be safe, you should consider writing a custom FactoryBean implementation instead, which handles the opening and closing of the InputStream safely. The FactoryBean would be injected with a Resource object.

skaffman 2010-09-02 11:26:30

It shouldn't be a problem for a singleton bean, but it could be a real mess in a prototype bean, I agree.

seanizer 2010-09-02 11:38:42

@seanizer: Just so. Also, on windows that's going to keep an open file lock for as long as the app is running, which can be a real PITA.

skaffman 2010-09-02 11:39:49

assuming it's a file and not a jar resource, yes

seanizer 2010-09-02 11:47:57

ansaurus

tags:

views:

answers:

Spring: Injecting Resource as InputStream into a factory-method

related questions