Framework Apache-CXF

for JavaEE environment

Julia will translate the CXF annotations into its own, keeping trace mostly of new entry points for the analysis and of unrusted data that comes from the web.

Required libraries: cxf-bundle.jar

Applicability

This specification gets automatically applied when:

  • the framework of the analysis contains the word java (case insensitive)
  • there exists an annotation that starts with org.apache.cxf


Implications between annotations

Some annotations of this framework get translated automatically into standard Julia annotations, such that the analysis engine can react accordingly. Namely:

  • if an element is annotated with org.apache.cxf.jaxrs.ext.Nullable, Julia considers it to be annotated also with:
    • com.juliasoft.julia.checkers.nullness.Nullable
  • if an element is annotated with org.apache.cxf.jaxrs.ext.PATCH, Julia considers it to be annotated also with:
    • com.juliasoft.julia.extraction.EntryPoint
  • if an element is annotated with org.apache.cxf.jaxrs.ext.multipart.Multipart, Julia considers it to be annotated also with:
    • com.juliasoft.julia.checkers.flows.UntrustedUserInput