Concerns Overview
One of the design goals of light-4j is to address all the technical cross-cutting concerns in the frameworks so that service developers only need to focus on the business logic without worrying about security, auditing, logging, metrics, etc. The same pattern can be applied in the business context as well so that you can have several handlers performing different tasks within the business context. For example, the fine-grained authorization can be done as a cross-cutting concern in the business context without mixing into the real business logic within the core request handler.
Technical Cross-Cutting Concerns
When building an application, there is a functional requirement. Normally, there is always a non-functional requirement that is created to address all technical concerns. In most platforms, developers need to address these concerns in the same business handler at the same time. It makes the application very hard to maintain and to reason about as functional requirements and business requirements are implemented at the same time in the same context. The code is blended and hard to separate, hence decreasing the maintainability. Light divides these concerns into individual handlers so that multiple developers can work together. These handlers are relatively simple and easy to be shared between services, and we have provided dozens built-in handlers in the platform. Without non-functional concerns in the business logic, the main business handler will be much simpler to implement and reason about. In the long run, it is easy to maintain as any modification will be focused on the business logic only.
Here is a list of cross-cutting concerns provided by Light.
light-4j
- API Key
- APM Metrics
- Audit log
- Load Balance
- Basic Authentication
- Body Parser
- Proxy Body Parser
- HTTP/2 Client
- Cluster Support
- Common Component
- Direct Registry
- Consul Client
- Correlation Id
- CORS Handler
- Data Source
- Decryptor
- Request Dump
- Encode Decode
- Exception Handling
- Extenal Config
- Handler Interface
- Business Handler
- Header Handler
- Health Check
- Influx Metrics
- Proxy Health
- Server Info
- IP Whitelist
- Rate Limit
- Log Mask
- Logger Config
- Metrics
- Jwt Verifier
- Portal Registry
- Prometheus Metrics
- Registry Discovery
- Request Body Interceptor
- Request Interceptor Injection
- Request Transformer Interceptor
- Response Body Interceptor
- Response Interceptor Injection
- Response Transformer Interceptor
- Router Handler
- XSS Sanitizer
- Security
- Server
- Service
- Status
- Switch
- Swt Verifier
- Traceability Id
- Utility
- ZooKeeper Client
- Salesforce
- External Handler
- Request Interceptor Injection
- Response Interceptor Injection
- Dummy OAuth Server
- Shutdown Server
- PathPrefixService
light-rest-4j
light-graphql-4j
light-hybrid-4j
light-aws-lambda
With Lambda framework
With Light-Proxy
Business Cross-Cutting Concerns
In a system, besides of technical concerns, there are other concerns that need to be addressed within the business context. In most systems, these will be blended into the business logic implementation which makes the business rules hard to reason about. In our design, these are separated into individual handlers which wired in before or after the main business handlers. For example, fine-grained authorization based on the custom claim in the JWT token or result filter based on the client_id in the JWT token.