Skip to main content

The Dreaded Service Locator Pattern

Torbjørn Marø recently blogged about Dependency Injection, due to Mark Seeman visiting the Norwegian .Net User Group in Bergen. This triggered my thinking about the dreaded Service Locator.

I have worked with several teams that favored a home-made ServiceLocator class, a static component referencing a set of services, typically chunks of functionality that are singletons that interact with something external like database, filesystem, or web-service.

My beef with the Service Locator is that you can put it in, and use it from anywhere: It can be used to grab services in a controller/action component, inside a service, in a domain object, inside a for-loop, anywhere. This sounds pretty powerful, but ends up bringing in a lot of maintenance problems.

Now, in spite of my troublesome experiences with it, I keep finding myself being pretty lousy at explaining the disadvantages of a ServiceLocator to my peers.

I therefore hunted through Seeman's blog for some better explanations, and here's what I found:

He totally nails it in the first post:
Service Locator is a well-known pattern, and since it was described by Martin Fowler, it must be good, right?
No, it’s actually an anti-pattern and should be avoided.
Let’s examine why this is so. In short, the problem with Service Locator is that it hides a class’ dependencies, causing run-time errors instead of compile-time errors, as well as making the code more difficult to maintain because it becomes unclear when you would be introducing a breaking change.
Also have a look at the comments for some more discussion and affirmation.

Seeman has also written a book on the subject of DI, and Service Locator is discussed within. I haven't read it, but it sounds pretty good, especially if you work with .Net.

In case you got a little lost in his C# examples, here's my own take on it:

Let's say you want to test a CustomerRepository (an already initialized field in this test class):

@Test customerRepositoryHasCustomers {
  assertTrue(customerRepository.hasCustomers());
}

Bang! This explodes in a null-pointer because you haven't injected the proper services that are used inside the hasCustomers method (via ServiceLocator). So you try again:

@Test customerRepositoryHasCustomers {
  ServiceLocator.setRemoteCustomerService(new MockCustomerService());
  assertTrue(customerRepository.hasCustomers());
}
Bang again! This is because there is another service which is used inside the hasCustomers method a little later. 

As you can see, once you know what you need, the ServiceLocator is pretty straight forward to use.  And you don't notice this need during runtime, because the ServiceLocator is fully populated during startup.  

(This explains why the Service Locator being a perfectly fine pattern for those who don't enjoy writing tests.)

Then there's the maintenance issue: If you change the hasCustomers method to make use of even more services, you won't discover that the tests are broken until you run them again. Also the other way around: If you remove use of services in the method, you aren't reminded to remove this superflous setup from your tests.

In total, Service Locator removes a whole lot of compile-time verification that would be nice to have. Again, this doesn't matter much for those who don't write tests.

But, it does matter for the over all drive towards good code and architecture. Quoting Mark Seeman again (from the end of the third post):
Refactoring from Service Locator to Abstract Factories make it more painful to violate the SRP.
Using Service Locators breaks the window that usually stops you from giving a class too much responsibility. Usually, when you see the number of constructor, or method arguments are towering past a handful, you start thinking "refactor?". But with the Service Locator in use, you don't get this reaction.

Popular posts from this blog

Encrypting and Decrypting with Spring

I was recently working with protecting some sensitive data in a typical Java application with a database underneath. We convert the data on its way out of the application using Spring Security Crypto Utilities. It "was decided" that we'd be doing AES with a key-length of 256, and this just happens to be the kind of encryption Spring crypto does out of the box. Sweet!

The big aber is that whatever JRE is running the application has to be patched with Oracle's JCE in order to do 256 bits. It's a fascinating story, the short version being that U.S. companies are restricted from exporting various encryption algorithms to certain countries, and some countries are restricted from importing them.

Once I had patched my JRE with the JCE, I found it fascinating how straight forward it was to encrypt and decrypt using the Spring Encryptors. So just for fun at the weekend, I threw together a little desktop app that will encrypt and decrypt stuff for the given password and sa…

Managing dot-files with vcsh and myrepos

Say I want to get my dot-files out on a new computer. Here's what I do:

# install vcsh & myrepos via apt/brew/etc
vcsh clone https://github.com/tfnico/config-mr.git mr
mr update

Done! All dot-files are ready to use and in place. No deploy command, no linking up symlinks to the files. No checking/out in my entire home directory as a Git repository. Yet, all my dot-files are neatly kept in fine-grained repositories, and any changes I make are immediately ready to be committed:

config-atom.git
    -> ~/.atom/*

config-mr.git
    -> ~/.mrconfig
    -> ~/.config/mr/*

config-tmuxinator.git  
    -> ~/.tmuxinator/*

config-vim.git
    -> ~/.vimrc
    -> ~/.vim/*

config-bin.git   
    -> ~/bin/*

config-git.git          
    -> ~/.gitconfig

config-tmux.git  
    -> ~/.tmux.conf    

config-zsh.git
    -> ~/.zshrc

How can this be? The key here is to use vcsh to keep track of your dot-files, and its partner myrepos/mr for operating on many repositories at the same time.

I discovere…

Always use git-svn with --prefix

TLDR: I've recently been forced back into using git-svn, and while I was at it, I noticed that git-svn generally behaves a lot better when it is initialized using the --prefix option.

Frankly, I can't see any reason why you would ever want to use git-svn without --prefix. It even added some major simplifications to my old git-svn mirror setup.

Update: Some of the advantages of this solution will disappear in newer versions of Git.

For example, make a standard-layout svn clone:

$ git svn clone -s https://svn.company.com/repos/project-foo/

You'll get this .git/config:

[svn-remote "svn"]
        url = https://svn.company.com/repos/
        fetch = project-foo/trunk:refs/remotes/trunk
        branches = project-foo/branches/*:refs/remotes/*
        tags = project-foo/tags/*:refs/remotes/tags/*

And the remote branches looks like this (git branch -a):
    remotes/trunk
    remotes/feat-bar

(Compared to regular remote branches, they look very odd because there is no remote name i…

Considerations for JavaScript in Modern (2013) Java/Maven Projects

Disclaimer: I'm a Java developer, not a JavaScript developer. This is just what I've picked up the last years plus a little research the last days. It's just a snapshot of my current knowledge and opinions on the day of writing, apt to change over the next weeks/months.

We've gone all modern in our web applications, doing MVC on the client side with AngularJS or Ember, building single-page webapps with REST backends. But how are we managing the growing amount of JavaScript in our application?
You ain't in Kansas anymore So far we've just been doing half-random stuff. We download some version of a library and throw it into our src/main/webapp/js/lib, or we use it from a CDN, which may be down or unreachable when we want to use the application..

Some times the JS is minified, other times it's not. Some times we name the file with version number, other times without. Some times we get the latest library of master branch and name it with the commit-id in the fi…

Microsoft ups their Git efforts another notch

This week Microsoft announced first class Git support embedded in the coming version of Visual Studio.

Now, it's not completely shocking. We could have seen it coming since Microsoft started offering Git repos on CodePlex, and more recently offering a Git client for TFS. In any case, these are some big news. Scott Hanselman weighs on some features and some more background here.

For those who are a bit unaware of what the Git situation on Windows looks like these days, I've dotted down these notes:
Some explanation on these:

msysGit has long been The Way to use Git on Windows. It's basically a port of Git itself, so it's a command-line tool.GitExtensions (includes Visual Studio integration), TortoiseGit, Git Shell, posh-git and most other tools are powered by msysGit.libgit2 is a native library for doing Git stuff. It is developed completely separate from Git itself. The above tools could (and should) probably use libgit2 instead of hooking onto and around msysGit.Github…