Class DataProtectionInterceptor
- All Implemented Interfaces:
DispatchInterceptor
,HandlerDecorator
,HandlerInterceptor
DispatchInterceptor
and HandlerInterceptor
that supports secure transmission of sensitive data
fields by removing them from the payload before dispatch and restoring them during handling.
This interceptor works in two phases:
- Dispatch phase:
- Scans the payload for fields annotated with
ProtectData
. - Each such field is serialized and stored securely in a designated store, indexed by a generated key.
- The payload is cloned and sensitive fields are removed (set to
null
). - The generated key references are stored in the message metadata under
METADATA_KEY
.
- Scans the payload for fields annotated with
- Handling phase:
- Looks for protected data references in the message metadata.
- If present, retrieves the original values from the store using the stored keys.
- Injects the retrieved values back into the message payload before invocation.
- If the target method is annotated with
DropProtectedData
, the stored entries are deleted after injection.
This strategy is useful for preventing sensitive or private data from being persisted to the message log, while still allowing handlers to receive full context during execution.
Example
public class MyHandler {
@HandleCommand
public void handle(@ProtectData String ssn, ...) {
...
}
@HandleCommand
@DropProtectedData
public void auditSensitive(@ProtectData String secretField, ...) {
...
// After invocation, the secret is permanently removed
}
}
Note: The payload is cloned via (de)serialization to ensure the original object remains unmodified.
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from interface io.fluxcapacitor.javaclient.tracking.handling.HandlerDecorator
HandlerDecorator.MergedDecorator
Nested classes/interfaces inherited from interface io.fluxcapacitor.javaclient.tracking.handling.HandlerInterceptor
HandlerInterceptor.InterceptedHandler
-
Field Summary
FieldsFields inherited from interface io.fluxcapacitor.javaclient.publishing.DispatchInterceptor
noOp
Fields inherited from interface io.fluxcapacitor.javaclient.tracking.handling.HandlerDecorator
noOp
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioninterceptDispatch
(Message m, MessageType messageType, String topic) Intercepts the dispatch of a message before it is serialized and published or locally handled.interceptHandling
(Function<DeserializingMessage, Object> function, HandlerInvoker invoker) Intercepts the message handling logic.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface io.fluxcapacitor.javaclient.publishing.DispatchInterceptor
andThen, modifySerializedMessage, monitorDispatch
Methods inherited from interface io.fluxcapacitor.javaclient.tracking.handling.HandlerDecorator
andThen
Methods inherited from interface io.fluxcapacitor.javaclient.tracking.handling.HandlerInterceptor
wrap
-
Field Details
-
METADATA_KEY
-
-
Constructor Details
-
DataProtectionInterceptor
public DataProtectionInterceptor()
-
-
Method Details
-
interceptDispatch
Description copied from interface:DispatchInterceptor
Intercepts the dispatch of a message before it is serialized and published or locally handled.You may modify the message or return
null
to block dispatching. Throwing an exception also prevents dispatching.- Specified by:
interceptDispatch
in interfaceDispatchInterceptor
- Parameters:
m
- the message to be dispatchedmessageType
- the type of the message (e.g., COMMAND, EVENT, etc.)topic
- the target topic or null if not applicable- Returns:
- the modified message, the same message, or
null
to prevent dispatch
-
interceptHandling
public Function<DeserializingMessage,Object> interceptHandling(Function<DeserializingMessage, Object> function, HandlerInvoker invoker) Description copied from interface:HandlerInterceptor
Intercepts the message handling logic.The
function
parameter represents the next step in the handling chain— typically the actual message handler. Theinvoker
provides metadata and invocation logic for the underlying handler method.Within this method, an interceptor may:
- Modify the
DeserializingMessage
before passing it to the handler - Bypass the handler entirely and return a value directly
- Wrap the result after the handler is invoked
Note: Interceptors may return a different
DeserializingMessage
, but it must be compatible with a handler method in the same target class. If no suitable handler is found, an exception will be thrown.- Specified by:
interceptHandling
in interfaceHandlerInterceptor
- Parameters:
function
- the next step in the handler chain (typically the handler itself)invoker
- the metadata and execution strategy for the actual handler method- Returns:
- a decorated function that wraps handling behavior
- Modify the
-