[cdi-dev] [JBoss JIRA] (CDI-739) Scope mismatch can lead to subtle bugs
Frigo Coder (Jira)
issues at jboss.org
Thu Nov 29 05:51:00 EST 2018
Frigo Coder created CDI-739:
-------------------------------
Summary: Scope mismatch can lead to subtle bugs
Key: CDI-739
URL: https://issues.jboss.org/browse/CDI-739
Project: CDI Specification Issues
Issue Type: Bug
Components: Beans, Contexts, Java EE integration
Reporter: Frigo Coder
CDI allows injection of a non-proxyable object created by a provider into higher level contextes. This can lead to subtle bugs, see the following example, the first username that accesses the service is returned for other users:
{code:java}
@ApplicationScoped
public class ServiceClass {
@Inject
@UserName
private String userName;
}
@RequestScoped
public class UserNameProvider {
@Inject
private HttpServletRequest request;
@Produces
@UserName
public String userName() {
return request.getUserPrincipal().getName();
}
}
{code}
CDI should fail to start when it detects such a situation. Do note that this bug does not require direct injection (Service->userName), it can occur transitively as well (Service->User->userName).
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the cdi-dev
mailing list