--- /dev/null
+<p>All threads are sharing the Spring Service instances and by extension instance fields. All Spring Service fields should then be either
+<code>static</code> and/or <code>final</code>, or simply removed.</p>
+<h2>Noncompliant Code Example</h2>
+<pre>
+@Service("myService")
+public class MyServiceImpl implements MyService {
+ private String userName; //As this field is shared by all users, it's obvious that this piece of information should be managed differently
+ ...
+}
+</pre>
+<p>or </p>
+<pre>
+@Named("myService")
+public class MyServiceImpl extends MyService {
+ private String userName; //Same reason
+ ...
+}
+</pre>
+<h2>See</h2>
+<ul>
+ <li> <a href="https://www.securecoding.cert.org/confluence/x/EYBUC">CERT, MSC11-J.</a> - Do not let session information leak within a servlet </li>
+</ul>
+
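Review bot: the guidance "either `static` and/or `final`, or simply removed" in the first paragraph does not match the rule title "should not have mutable instance fields": a `static` field that is not `final` is still shared by every thread and still mutable, so it has the same race-condition risk as the `private String userName` instance field in the examples. Suggest rephrasing to "should be `final` (or `static final`), or removed" so the description and the title agree. Two smaller points in the same hunk: the second example declares `public class MyServiceImpl extends MyService` while the first uses `implements MyService`; if `MyService` is the same interface in both, the second should read `implements MyService` (or the mismatch should be explained). And since the page has a "Noncompliant Code Example" heading, it would help readers to add the matching "Compliant Solution" section showing the field made `final` or moved to a per-request object, as the other rule descriptions do.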
--- /dev/null
+{
+ "title": "Spring services should not have mutable instance fields",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "multi-threading",
+ "bug"
+ ],
+ "defaultSeverity": "Major"
+}
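Review bot: `"func": "Constant\/Issue"` escapes the forward slash, which JSON does not require; `"func": "Constant/Issue"` is the same value and matches how the remediation function is usually written, which also keeps it greppable across rule metadata files. Otherwise the metadata looks consistent with the description: the `multi-threading` and `bug` tags and Major severity fit a rule about shared mutable state in singleton services.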