The Source for Java Technology Collaboration


MetaDiff

The MetaDiff API will be a part of the manifest and metadata API. It is responsible for managing and resolving the three metadata and manifest files: META-INF/MANIFEST.MF, META-INF/metadata.xml and the metadata.xml file in the ".ZIP file comments" (ZFC) field of the artifact. In particular, it manages changes to the manifest information including digitally signing the changes and storing them. It uses the ZipInfo API to write out the ".ZIP file comments". An overview is provided here.

Requirements

  • Sanity checks:
    • Exactly one of ZFC/metadata.xml and META-INF/metadata.xml is present [0a, 0b, 0c, 0d]
    • provide an option to generate the metadata.xml or remove one of the files if possible [1a, 1b, 1c, 1d, 1e]
    • metadata.xml has been generated from the current revision of META-INF/MANIFEST.MF [2a, 2b, 2c, 2d]
    • provide an option to regenerate the metadata.xml if possible [3a, 3b, 3c]
    • provide a mechanism to select the error level for sanity checks (warn or error) [4a, 4b, 4c]
  • Combine the authorative metadata.xml with a selected metadata.xml diff from the ZFC [5a, 5b. 5c. 5d]
  • Provide a Java object representation of metadata.xml including serialisation and deserialisation [6, 7, 8]
  • Provide a diff between the generated metadata.xml and the authorative metadata.xml [9a, 9b, 9c]
  • Allow the diff to be digitally signed. [19a, 19b]
  • Provide a Java object representation of metadiff.xml including serialisation and deserialisation [10, 14]
  • Provide a Java object representation of ZFC including reading and writing the ZFC block [10, 14]
  • Search for and remove digital signitures from previous metadiff.xml files that match the digital signiture used to sign this metadiff [11a, 11b]
  • Search for and remove any metadiff.xml files that no longer have any digital signitures attached [12a, 12b, 12c]
  • Add this revision (the diff and digital signiture) to ZFC, but only if the ZFC will not exceed ZFC maximum size by so doing [13a, 13b, 13c, 13d]
  • Provide a mechanism to list the revisions, authors and digital signitures available [15a, 15b, 15c, 15d, 15e, 15f]
  • Provide a mechanism to allow additional authors to sign a revision [16a, 16b, 16c ,16d]

  • Provide a mechanism to set the ZFC size. Default to 64k [17a, 17b]
  • When a revision is removed from ZFC, that revision is written to standard out or a log file so that it may be archived elsewhere [18a, 18b]

Design approach

  • Controller class to coordinate execution
  • A Metadata class that represents the metadata.xml file, with accessor and mutator methods
  • A MetaDiff? class that represents a single metadiff.xml file, with accessor and mutator methods
  • A ZipComments? class that represents the entire ZFC entry and is able to accurately determine the size of the ZFC that would result from serialising the class. ZipComments? is also responsible for ensuring the ZFC maximum size is not exceeded; and provides accessor and mutator methods for manipulating digital signitures
  • Use an XMLDiff API

  • Generate a Metadata.class instance from the combined metadata.xml [6a, 6b]
  • Metadata.class has accessor and mutator methods for each entity [7]
  • Generate metadata.xml from Metadata.class [8a, 8b]

  • Generate a ZipComments?.class instance, MetaDiff?.class instances from the metadiff.xml entires in the ZFC [10a, 10b, 10c, 10d, 10e]
  • Search for and remove digital signitures from ZipComments?.class, MetaDiff?.class that match the digital signiture used to sign this diff [11a, 11b]
  • Search for and remove any diffs from ZFC that no longer have any digital signitures attached [12a, 12b, 12c]
  • Add this revision (the diff and digital signiture) to MetaDiff?.class, but only if the ZFC will not exceed ZFC maximum size by so doing [13a, 13b, 13c, 13d]
  • Update the ZFC contents from ZipComments?.class, MetaDiff?.class [14a, 14b, 14c, 14d, 14e]
  • Provide a MetaDiff?.class method that lists the revisions, authors and digital signitures available [15a, 15b, 15c, 15d, 15e, 15f]
  • Provide a MetaDiff?.class method to allow additional authors to sign a revision [16a, 16b, 16c ,16d]

[xmldiff to follow]

Implementation

CJANMetaDiffRawSpec [details to follow]

Install

[details to follow]

Test

[details to follow]

Topic CJANMetaDiffDesignDocument . { Edit | Ref-By | Printable | Diffs r5 < r4 < r3 < r2 < r1 | More }
 XML java.net RSS
Feedback  |  FAQ  |  Terms of Use
Privacy  |  Trademarks | Site Map

Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Participation.

Copyright © 1995-2006 Sun Microsystems, Inc.
Collabnet Logo Cognisync Logo
Powered by Sun Microsystems, Inc.,
CollabNet and Cognisync

Revision r5 - 05 May 2004 - 07:40:53 - Main.md84419
Parents: CJAN > InterestingSecurityProblem
TWiki (TM) Copyright © 1999-2003 by Peter Thoeny ALL RIGHTS RESERVED