Enterprise Java

Poking around your REST application with a scriptable endpoint

I love the fact that JDK comes with a ScriptEngine. It’s so flexible when you want to evaluate and troubleshoot your application that’s already deployed in an server environment. Add this REST endpoint into a Java EE app, and it will give you instant access to internal states of the app.


package myrestapp;

import java.io.StringReader;
import java.util.logging.Logger;
import javax.script.Bindings;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;

 * Give instant access to your internal application with dynamic scripting.
 * <p>Example script:
 * <pre>
 * "sc" + servletContext + ", req=" + request;
 * </pre>
 * <p>Example2
 * <pre>
 * names = servletContext.getAttributeNames();
 * while(names.hasMoreElements()) {
 *   name = names.nextElement();
 *   println(name);
 * }
 * </pre>
public class ScriptResource {
    private static final Logger logger = Logger.getLogger(ScriptResource.class.getName());
    private ServletContext servletContext;
    public String script(@Context HttpServletRequest request, String scriptText) throws Exception {
        String engineName = "JavaScript";
        ScriptEngineManager manager = new ScriptEngineManager();
        ScriptEngine engine = manager.getEngineByName(engineName);
        logger.info("Running script text length=" + scriptText.length() + ", engine=" + engine);
        Object result = null;
        try (StringReader reader = new StringReader(scriptText)) {
            Bindings bindings = engine.createBindings();
            bindings.put("servletContext", servletContext);
            bindings.put("request", request);
            result = engine.eval(reader, bindings);
        logger.info("Result " + result);
        return "" + result;

Notice that I gave couple JavaScript examples in the comment area already. You will have access to two binding variables that should give you full access to many internal components of your application.

Need an UI to test out this endpoint? How about give the “Advance Rest Client” Chrome Extension a try? (Thanks to my co-worker’s Chris Griffin tips on this cool extension. It’s really handy tool to have!).

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
Back to top button