Java Developer Tools

Project Defaults

You can have finer control over the behavior of both the Audit and Audit Using... commands by defining per-project defaults for both the audit rule set to be used and the inclusion and exclusion patterns used to determine which files should be audited. Per-project defaults are specified using XML in an audit control file, which is a file named ".audit" that must be placed in the top-level directory of the project.

The following is an example of the contents of an audit control file:
<?xml version="1.0" encoding="UTF-8"?>
<auditControlFile version="1.0">
        <audit name="Java Files" auditRuleSet="/CodePro Defaults">
                <inclusionSet>
                        <inclusion pattern="**/*.java"/>
                </inclusionSet>
                <exclusionSet>
                        <exclusion pattern="**/internal/**/*.java"/>
                </exclusionSet>
        </audit>
</auditControlFile>

Basically, the top-level tag represents a list of audit information tags. Each "audit" tag specifies a name (for future use) and the name of an audit rule set. It also contains two lists of patterns: an inclusion list and an exclusion list.

The patterns follow the Ant syntax and are taken to be relative to the project's root directory. In the example above, the inclusion list specifies that all files that end in ".java" that occur anywhere within the project are to be audited. The exclusion list specifies that any file ending in ".java" that includes a directory named "internal" somewhere in the path should not be audited.

The audit rule set to be used is specified using a path. The path can follow one of the following patterns:

/ <audit rule set name>

In this case, which appears in the example above, the audit rule set is searched for among those loaded in the Workspace.

/ <project name> [/ <file path>] / <audit rule set name>

In this case, the audit rule set is searched for among those defined in the file at the given file path within the given project. If the file path is not given, then the file is assumed to be a file named ".auditRuleSets" defined at the root of the project.

[<file path> /] <audit rule set name>

In this case, the audit rule set is searched for among those defined in the file at the given file path within the project containing the audit control file. As above, if no file path is given, then the file is assumed to be a file named ".auditRuleSets" defined at the root of the project.

When the Audit command is executed, each of the selected files is processed in the following way. First, the project containing the file is examined to see whether or not it contains an audit control file. If not, then the file is audited using the default audit rule set defined in the workspace. If an audit control file does exist, then the file is matched against the inclusion and exclusion lists given for each audit information tag. If the file matches at least one inclusion pattern and does not match any of the exclusion patterns, then that file will be audited using the corresponding audit rule set. (If the audit rule set cannot be found, then the default audit rule set is used instead.) If the file does not match any of the lists, then it will not be audited.

Note: If a file matches the inclusion and exclusion patterns in multiple audit information tags, then the file will be audited multiple times, once for each of the corresponding audit rule sets. If you include multiple audit information tags in the audit control file, you should be careful that they do not overlap.

The Audit Using... command is similar, but the audit rule set you choose will always be used. In this case, the audit control file controls whether or not the file will be audited, but not which audit rule set will be used.

Dynamic code auditing can be configured to either use the audit control files or not. If the audit control files are used, the default rule set specified for the dynamic audit is used where the default rule set would have been used.

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.