Hi Devs, Just wanted to inform that Guice [1] (an aspect oriented programming framework provided by Google and released under Apache 2.0 license) can be used to enforce cross cutting aspects such as security, logging etc, without embedding the code related to such aspects within the API methods themselves.
Since Thrift doesn't support interception of Thrift service calls, earlier, the security enforcement was applied as the first line of execution in each API call, which I felt is not a clean way of doing that. With the support of Guice (about which I got to know from a recent discussion in thrift mailing list), security enforcement could be moved to a separate interceptor and is enforced on each method only by an annotation. Hope the same mechanism could be used to enforce any other cross cutting aspects on the airavata thrift API calls. This change is implemented in the pull request[2], along with API method changes related to security. Thanks, Hasini. [1] https://github.com/google/guice/wiki/AOP#example-forbidding-method-calls-on-weekends [2] https://github.com/apache/airavata/pull/23
