...
In this non-compliant solution, the code compares the name of the class of object h to the string "DefaultAuthenticationHandler", and proceeds according to whether this comparison succeeds or not.
| Code Block | ||
|---|---|---|
| ||
 // determine whether object h has required/expected class name
if (h.getClass().getName().equals("com.example.application.auth.DefaultAuthenticationHandler")) {
   // code assumes it's an authorized class
}
|
...
In this compliant solution, we compare the class object of h itself to the class object of the class that the current class loader would load with our required name.
| Code Block | ||
|---|---|---|
| ||
 // determine whether object h has required/expected class name
if (h.getClass() == this.getClassLoader().loadClass("com.example.application.auth.DefaultAuthenticationHandler")) {
   // code determines authorized class loaded by same classloader
}
|
...
This code compares the names of the 2 classes of objects x and y and behaves accordingly.
| Code Block | ||
|---|---|---|
| ||
 // determine whether objects x and y have same class name
if (x.getClass().getName().equals( y.getClass().getName() )) {
   // code assumes objects have same class
}
|
...
This compliant solution correctly compares the 2 objects' classes
| Code Block | ||
|---|---|---|
| ||
 // determine whether objects x and y have same class
if (x.getClass() == y.getClass()) {
   // code determines objects have same class
}
|
...