This rule flags code that retrieves the UserTransaction object by using javax.transaction.UserTransaction or weblogic.transaction.UserTransaction as a lookup string.
Bean-managed transactions beans must obtain the UserTransaction object by using the EJBContext getUserTransaction method. Other application components, such as servlets and web components get the reference through a JNDI lookup using the name, java:comp/UserTransaction.
The following types of lookup are flagged.
WebLogic UserTransaction Lookup|
UserTransaction xact = ctx.lookup("javax.transaction.UserTransaction"); or UserTransaction xact = ctx.lookup("weblogic.transaction.UserTransaction"); |
For bean-managed transactions, the line of code is changed to use the getUserTransaction method.
Bean-managed lookup|
UserTransaction xact = ctx.getUserTransaction(); |
For non-enterprise bean code (application clients, web components and servlets), the source scanner provides a quick fix that changes the code to use a JNDI lookup with the name, java:comp/UserTransaction. The result resembles the following example:
WebSphere UserTransaction Lookup|
UserTransaction xact = ctx.lookup("java:comp/UserTransaction"); |