Software Development

How to deal with {conservative, intractable, annoying} APIs

Have you ever been fighting with an, at least for your current purpose, inflexible API? I picked up one of the trickier scenarios – calling super( … ) with parameters.

Sometimes there will be APIs defining constructors that force to be called with instances of Objects. So far so good, but what if the handled parameter is stored private inside the class you are calling and doesn’t provide a getter method? Here is an example how to solve the bother…

In my case it was an extension of the class. Socket can be seen as a nice wrapper to a concrete implementation class, for example SocketImpl which contains the “lower” level (not low level!) code. However Socket provides a nice constructor to set the underlying implementation class:

protected Socket(SocketImpl impl) throws SocketException {
   this.impl = impl;
   if (impl != null) {

So this gives an easy way to use the predefined routines of with my underlying implementation without changing too much on existing code that former relied implicit on SocketImpl. The bad thing about this is that there is no way to get the handled SocketImpl instance from the wrapper (this.impl is package private, as well as the getter is package private). So if you do something like this:

public MyPrettyNewSocket extends Socket {
   public MyPrettyNewSocket() throws SocketException {
     super(new MyPrettyNewSocketImpl();

you have no chance to interact with the instance of MyPrettyNewSocketImpl directly. All calls will be done by the Socket super class.

That really bothered me since all I would like to do is to add two new methods to MyPrettyNewSocket without touching the ones provided by Socket. The logic behind these methods is implemented in, yes your guess is right, MyPrettyNewSocketImpl.

So at least one is stuck at this point since the implementation class can’t be instantiated before super(new MyPrettyNewSocketImpl() is called (super( … ) or this( … ) have to be the first calls of a constructor). Even the dirty parameter assignment known from method calls inside (e.g. super(someInternalVariable = new MyPrettyNewSocketImpl())) is not allowed for constructors. In order to circumvent this problem you have to do some dirty tricks: call the super constructor not directly, but in a chained way. And here is how you can deal with such issues:

public class MyPrettyNewSocket extends Socket {
   MyPrettyNewSocketImpl mpnSocketImpl;
   public MyPrettyNewSocket() throws SocketException {
      this(new MyPrettyNewSocketImpl());

   private MyPrettyNewSocket(MyPrettyNewSocketImpl myImpl) throws SocketException {
      mpnSocketImpl = myImpl;

As we can see the trick is to call at first another internal private constructor of my own class extending Socket with an instance of the custom SocketImpl extending class. Normally the passed instance would get lost in the depths of Socket, but after all the construction magic we still have access and get the chance to continue working with it.

Reference: How to deal with {conservative, intractable, annoying} APIs from our JCG partner Christopher Meyer at the Java security and related topics blog.

Christopher Meyer

Chris works as a researcher and is eagerly looking for bugs in SSL/TLS, the Java platform and various applications. In addition, he is primarily interested in secure coding and exploiting coding mistakes.
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newest Most Voted
Inline Feedbacks
View all comments
Back to top button