Groovy Module

The Groovy module consists of 2 parts:

Commons Groovy Module

The Groovy execution API provides the possibility to define GroovyCompilationCustomizer components in order to customize the execution of Groovy scripts: automatically add imports, stop script execution after a certain timeout, prevent using some imports, statements or operators.

The module also provides a TimedInterruptCustomizerConfiguration interface allowing to stop executing Groovy scripts after a certain timeout thus preventing long running operations. 

The Timed Interrupt Customizer works only for Groovy code but if this one calls Java methods which take a long time to execute, the execution will be stopped only when the Groovy code regains control.

Implement a Timed Interrupt Customizer

To implement a customizer, you need to add a Component implementing the GroovyCompilationCustomizer Component Role, then to implement the CompilationCustomizer createCustomizer(); method.

public class TimedInterruptGroovyCompilationCustomizer implements GroovyCompilationCustomizer
     * Used to get the script timeout configuration parameter value.

  private TimedInterruptCustomizerConfiguration configuration;

  public CompilationCustomizer createCustomizer()
        Map<String, Object> parameters = new HashMap<String, Object>();
        parameters.put("value", this.configuration.getTimeout());
      return new ASTTransformationCustomizer(parameters, TimedInterrupt.class);

Since Groovy customizers are not enabled by default, each time you create one, you have to edit the WEB-INF/ file and add the groovy.compilationCustomizers property. The value will be a coma-separated list of customizer identifiers, like for instance:


Additionally, you can use the groovy.customizer.timedInterrupt.timeout parameter in order to configure the Timed Interrupt Customizer timeout. The value should be in seconds.

Platform Groovy Module

The Platform Groovy module complements the Commons Groovy module by adding a Secure Groovy Compilation Customizer allowing to run Groovy scripts in a Security Sandbox. The Secure Customizer prevents:

  • bytecode expressions and sequences
  • synchronized blocks; e.g. synchronized(this) { }
  • imports
  • method definition
  • any token

Just like in the above example, in order to enable the Secure Groovy Compilation Customizer, you have to edit the WEB-INF/ file and add the groovy.compilationCustomizers property as follows: groovy.compilationCustomizers=secure 


Related Pages

Trying to decide between Cloud and On Premise? See the comparison on the XWiki Help Center.

Search this space