Application Understanding for Java

Modernizing Java EE applications

The need

In the last ten years the mainstream Java technology has changed dramatically. Microservices are going to replace monolithic servers deployed in heavyweight containers.
Many organizations face the problem of increasingly complicated legacy applications and have to consider the decision of “rewrite or maintain”.
This encouraged us to extend our existing Application Understanding technology to the Java world, and the result of that effort is the AU4J product.

Whatever you want to do with your legacy code, either redevelop it from scratch, or continue the brownfield development and maintenance, you will need to understand the business logic.
AU4J scans application code and extracts the pure business logic, excluding the rest, e.g. logging or management.
Code analysis traditionally goes top-down, starting from the entry points and traversing the directed graph of the control flow. Things quickly become unclear and get out of hand, because complexity grows exponentially along the way.

AU4J takes the opposite direction. It detects the output endpoints in the code. From there, the traversal goes backward, gathering the code fragments that are involved in creating the persistent data.

Functions of AU4J

Scanning, comprehensive examination and analysis of the application on the basis of the source code.

SCAN

Following the analysis, the hierarchy of the modules of the application is shown in a tree format.

MODULES

For each method of the examined application, all the code paths that trigger the given method are listed.

INVOCATION MAP

Code elements not used in the application are identified. The recursive algorithm also filters out code that is called by unused code elements.

DEAD CODES

The list of application entities is displayed. The structures of related entities can be opened next to each other from the list.

ENTITIES

All the named and inline queries of the application are listed. Both the JPQL and the SQL generated from it are displayed.

QUERIES

Operators often need to find the source of an SQL command read from the log. Based on the SQL, this function identifies and returns the query command, and with a click it displays the entire code of the method.

SQL FINDER

The name of the function stems from a medical diagnostic procedure called angiography. For a given endpoint, it shows the related code elements. In the case of an output endpoint, it paints (in a selected colour) the code participating in producing it, whereas in the case of an input endpoint, the code that participates in processing it is painted.

PAINT

AU4J is connected to the version control software storing the source code. When the source code is modified, the software indicates, for the commit identifier, which user functions (use cases) are to be tested, instead of full regression testing of the modified application. Applying this function saves meaningful resources for both operators and developers.

IMPACT ANALYSIS

AU4J provides important answers to security-related questions. Security experts and ethical hackers point to the vulnerable points of the system, if any. In other words, they signal the PRICE of a potential break-in. However, they have no information on either the VALUE that can be gained from a break-in or the damage that would be suffered. Only the specialists of the relevant field can tell. If those specialists attach a value to the data in the database, AU4J will display the corresponding entry points. In other words, it will show quantitatively to what extent the individual entry points are critical from a security point of view.

SECURITY ANALYSIS
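
The security analysis described above can be pictured as a backward walk of the call graph from valued data to the entry points that reach it. The following is an added sketch of that idea, not AU4J's own code; the call graph, method names, table names and values are constructed, and summing table values as the score is an assumption.

```python
from collections import defaultdict, deque

# Constructed sample data (hypothetical names): caller -> callees.
CALLS = {
    "OrderResource.create": ["OrderService.place"],
    "OrderResource.list": ["OrderService.find"],
    "AdminResource.refund": ["PaymentService.refund", "AuditLog.write"],
    "OrderService.place": ["OrderRepo.save", "PaymentService.charge", "AuditLog.write"],
    "OrderService.find": ["OrderRepo.query"],
    "PaymentService.charge": ["PaymentRepo.save", "PaymentService.retry"],
    "PaymentService.retry": ["PaymentService.charge"],   # cycle in the call graph
    "PaymentService.refund": ["PaymentRepo.save"],
    "LegacyExport.run": ["PaymentRepo.save"],             # dead code, not an entry point
}
# Output endpoints: methods that touch a database table.
TOUCHES = {"OrderRepo.save": "ORDERS", "OrderRepo.query": "ORDERS",
           "PaymentRepo.save": "PAYMENTS", "AuditLog.write": "AUDIT"}
# Values attached to the data by domain specialists (constructed numbers).
TABLE_VALUE = {"ORDERS": 40, "PAYMENTS": 100, "AUDIT": 5}
ENTRY_POINTS = {"OrderResource.create", "OrderResource.list", "AdminResource.refund"}

def rank_entry_points(calls, touches, table_value, entry_points):
    """Return [(entry_point, score, tables)] sorted by descending score."""
    callers = defaultdict(set)            # reverse call graph: callee -> callers
    for caller, callees in calls.items():
        for callee in callees:
            callers[callee].add(caller)

    reachable = defaultdict(set)          # entry point -> tables it can reach
    for table in table_value:
        # Start at this table's output endpoints and walk backward.
        queue = deque(m for m, t in touches.items() if t == table)
        seen = set(queue)                 # visited set keeps cycles from looping
        while queue:
            method = queue.popleft()
            if method in entry_points:
                reachable[method].add(table)
            for caller in callers[method] - seen:
                seen.add(caller)
                queue.append(caller)

    ranked = [(ep, sum(table_value[t] for t in reachable[ep]), sorted(reachable[ep]))
              for ep in entry_points]
    return sorted(ranked, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for ep, score, tables in rank_entry_points(CALLS, TOUCHES, TABLE_VALUE, ENTRY_POINTS):
        print(f"{score:>4}  {ep}  -> {', '.join(tables)}")
```

The ranking tells a reviewer which entry points deserve the strictest authentication, input validation and monitoring, independent of whether a vulnerability has been found in them yet.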

Who is this application developed for?

AU4J is a useful tool for:

  • system operator IT experts,
  • software developers and system analysts responsible for system support,
  • experts planning to further develop or modify systems and
  • business and professional system users.
Copyright © ENTIS-NET