```java
/**
 * Tries to load peer SSL certificate from the inbound message transport using attribute
 * "javax.servlet.request.X509Certificate". If found sets peerSSLCredential in the context.
 *
 * @param samlContext context to populate
 */
protected void populatePeerSSLCredential(SAMLMessageContext samlContext) {
    X509Certificate[] chain = (X509Certificate[]) samlContext.getInboundMessageTransport().getAttribute(ServletRequestX509CredentialAdapter.X509_CERT_REQUEST_ATTRIBUTE);
    if (chain != null && chain.length > 0) {
        dbg("Found certificate chain from request " + chain[0]);
        BasicX509Credential credential = new BasicX509Credential("Built in AuthServlet from context " + samlContext);
        credential.setEntityCertificate(chain[0]);
        credential.setEntityCertificateChain(Arrays.asList(chain));
        samlContext.setPeerSSLCredential(credential);
    }
}
```
(It was me who added this parameter to the constructor that tells it where it comes from.)
So, what happens here? We have a context, and we want to "populate it". That's instead of laziness: if you don't populate it, it won't work. But wait, we may as well just do nothing if the chain is null or empty.
Have you read lately that one should never return null as an array? Here they do. They get an attribute, cast it to an array of certificates, and then, maybe, oops, it's a null. Where do we get it? From "InboundMessageTransport". Can it be null? It sure can.
Now, cool, we build the credential. We could just as well have passed it the chain, but no! We "build" it.
First, create an instance that makes no sense.
Then provide it with the first element of an array.
Then, oh well, give it the whole array! Let it have it.
Then great, we store the result back into the context.
Isn't this actually a method that should belong to the context? And never be called directly? And have a flag that prevents a lot of actions if actually nothing worked? Or throw an exception... but still leave a trace if something went wrong?
Imagine, programmers, that you had compilers that behaved like this.
Oh well. It's Java. What happens in Java, stays in Java.
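The design those questions point to (population owned by the context, a flag that records whether it worked, an exception on misuse, and a log trace on failure), as an added example that is not part of the original post or of the Spring SAML code. `PeerCredentialContext` and its method names are hypothetical and use only the JDK; the servlet attribute name is the one quoted in the Javadoc above.

```java
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.logging.Logger;

// Hypothetical stand-in for the SAML message context; not the Spring SAML class.
final class PeerCredentialContext {
    private static final Logger LOG = Logger.getLogger("PeerCredentialContext");
    // Servlet request attribute that carries the client certificate chain.
    static final String X509_ATTR = "javax.servlet.request.X509Certificate";

    private List<X509Certificate> peerChain = Collections.emptyList();

    /** Stores the chain from the attribute value; returns true only if a usable chain was found. */
    boolean populatePeerChain(Object attributeValue) {
        if (!(attributeValue instanceof X509Certificate[])) {
            // instanceof is false for null, so a missing attribute and a wrong type both end here.
            LOG.warning("No certificate chain in " + X509_ATTR + "; peer credential not set");
            return false;
        }
        X509Certificate[] chain = (X509Certificate[]) attributeValue;
        if (chain.length == 0 || Arrays.asList(chain).contains(null)) {
            LOG.warning("Empty or partially null chain in " + X509_ATTR + "; peer credential not set");
            return false;
        }
        // Defensive copy: later changes to the request's array cannot alter the stored chain.
        peerChain = Collections.unmodifiableList(Arrays.asList(chain.clone()));
        return true;
    }

    /** The flag callers check before relying on client-certificate identity. */
    boolean hasPeerCredential() { return !peerChain.isEmpty(); }

    /** Leaf certificate; fails loudly instead of handing back null. */
    X509Certificate peerCertificate() {
        if (peerChain.isEmpty()) {
            throw new IllegalStateException("no peer TLS certificate was presented");
        }
        return peerChain.get(0);
    }

    public static void main(String[] args) {
        PeerCredentialContext ctx = new PeerCredentialContext();
        System.out.println(ctx.populatePeerChain(null));                    // attribute missing
        System.out.println(ctx.populatePeerChain(new X509Certificate[0]));  // empty chain
        System.out.println(ctx.populatePeerChain("not a chain"));           // wrong type
        System.out.println(ctx.hasPeerCredential());
    }
}
```

On Java 11 or later it runs directly with `java PeerCredentialContext.java`.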