Framework for Frameworks handling APIs

AppScan® Source provides a set of Java™ APIs that allow you to add support for frameworks that are used in your applications. The classes and methods offered in these APIs allow you to account for frameworks for which built-in support is not provided.

Note: AppScan Source includes built-in support for these frameworks:
  • Apache Struts 1 and 2
  • Spring MVC 2.5 and 3
  • ASP .NET MVC (Windows™ only)
  • Enterprise JavaBeans™ (EJB) 2
  • ASP .NET (Windows only)
  • J2EE
  • JavaServer Faces (JSF) 2
  • .NET 4.5 (Windows only)
  • Jax - RS (V1.0 and V1.1)
  • Jax - WS (V2.2)

Modern frameworks have moved a great deal of information that affects the run time behavior of applications out of normal source code and into configuration files and annotations. In the past, this resulted in blind spots during static analysis. Product teams could create custom rules for individual applications, however, no framework existed that could flexibly describe the activities of these frameworks in an automated way.

By using the Framework for Frameworks APIs, you can quickly and easily add support for new frameworks right in AppScan Source. This is accomplished by processing the frameworks' associated configuration information and providing that data back to AppScan Source through the associated APIs.

The Framework for Frameworks APIs are included with the installation of these products:

  • AppScan Source for Automation
  • AppScan Source for Analysis
  • AppScan Source for Development

The APIs are installed to <install_dir>\walalib (where <install_dir> is the location of your AppScan Source installation).

An example project archive is installed in <data_dir>\samples\F4FEjbExample.zip (where <data_dir> is the location of your AppScan Source program data, as described in Installation and user data file locations).
Note: Trace nodes with class names that begin with Appscan.Synthetic, Appscan.Synthetic.Validator, and AppScan.Synthetic.Replacement correspond to methods that are synthesized by AppScan Source.
  • AppScan.Synthetic methods are used to stitch traces together in application code that uses frameworks.
  • An AppScan.Synthetic.Validator method models the underlying validation performed by the framework runtime. You can select a validator method and mark it as a Validator if needed.
  • An AppScan.Synthetic.Replacement method indicates that a method in the application code was replaced by AppScan Source to capture data flow between disjoint components (such as controllers and views) of the framework.