Groovy as a flexible, lightweight dynamic language is a natural companion in a Cloud computing environment. It is the ideal scripting engine to customize your web application in a multitenancy PaaS environment (like Jenkins, Oracle ADFm among well known use cases).
Besides, you can customize your API close to your domain expert, writing your DSL in no time. But with great power comes great responsibilities… How can you make sure scripts written by end users won’t damage your application server in production? How can you validate them and catch errors as soon as possible? How can you secure the runtime execution of your scripts?
Groovy provides several tools to help, such as the ThreadInterrupt AST transformation or the SecureASTCustomizer. This video shows what you can achieve with those tools, but also their limitations, which led to a contribution we made to the community: securing scripts at runtime.
Video producer: http://greachconf.com/