-
Notifications
You must be signed in to change notification settings - Fork 1
Getting started
First of all, please try to take a look at the Demo module. Look at the Java code. Look at the Gradle build script (build.gradle
). Run the code and ready quickly through the output. This should give you some very basic understanding of how Access Warden works, about its intentions, and its capabilities.
Now let's enhance some of your existing projects with Access Warden. The first step is to add the API module to your project's runtime dependencies. (Yes, Access Warden API must be compiled and present along with your project at runtime!).
The second step is to actually make use of the Access Warden capabilities. For example, let's suppose you have a class my.proj.MyClass
with this method:
private static void superSecretMethod() {
...
}
In order to protect this method from being called using any reflection, at first, let's just prohibit all reflection frames to be present in the call stack upon reaching this method:
@RestrictedAccess (
prohibitReflections = true
)
private static void superSecretMethod() {
...
}
Now, whenever anybody (including you!) will attempt to invoke this superSecretMethod()
using Java reflections API, a java.lang.SecurityException
will be thrown, and your code inside the method will not be executed. But it's all currently "theoretically".
Let's get to practice! The last step is to set up your environment to make Access Warden run the necessary transformations, so that the above @RestrictedAccess
annotation is converted into so-called checker code (that analyzes the current call stack and environment and decides whether to allow the method call to pass or not). How exactly you're going to do this depends on whether you are using Gradle as your project build tool or not.
Follow the instructions on this wiki page to make Gradle apply all the necessary Access Warden transformations to your final build JAR automatically. If you're using Gradle, you're lucky since you only do these things once — then you will be just building your project as if you didn't use Access Warden at all — the Gradle plugin will be doing all the magic automatically!
If you are not using Gradle, and are not even planning to, you'll have to manually run the Core module as a standalone application each time after you build your application (no matter how you built it — with Maven, Ant, or maybe by manually compiling and assembling all the classes) in order to transform the magic of Access Warden like @RestrictedAccess
annotations into actual checker code.
I'll still recommend you to use Gradle though — it doesn't take so long to learn the basics, and it's really cool!
Just open an issue! I'll try to help as soon as possible.
After getting the basic setup to work, make sure to check the rest of the wiki for more advanced options and tricks to take full advantage of Access Warden. It will only take some time to get used to it — and after that, you won't even remember you're using this project!