|
I was wondering if you guys have ever considered an “after”
method execution security interceptor. The reason I ask is that I have a
voter that needs to retrieve the ACL entries for an object but it needs the
object to get its object identity and hence its ACL entries. For writes,
I know the identity and can query for the ACL before the method executes.
For reads however, I need to retrieve the object to know its identity since I
just have some criteria passed from the client. The method intercepted
knows the type of object to fetch but the voter does not. In addition, it
would be better to fetch the object only once. The inability of the voter to know which type (class) of
object it is securing is the source of my problem. It would be nice if
Acegi was configurable to provide advice after the method execution. IMHO,
I think this support would require a big change in the current architecture.
The way I was going to get around this is to create an interceptor that placed
after advice on the method I wanted to secure and as a last step passed the
return object as a param into a method that had the acegi interceptor on it.
Can you say HACK. Any advice? ----------------------------------------- Andres March Platform - Apps Engineering Sony Online Entertainment desk: 858.577.3373 cell: 619.519.1519 |
