Animesh,
Have you added these bean definitions to Spring?
<bean id="lifecycleBeanPostProcessor"
class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
<bean
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean
class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
These are declared in webroot/WEB-INF/applicationContext.xml in the
spring sample application along with some additional documentation.
The first bean helps initialize and destroy JSecurity related beans.
The DefaultAdvisorAutoProxyCreator is required to enable Spring's
auto-proxying of beans based on annotations. The last bean adds support
for auto-proxying method calls to beans that use JSecurity annotations.
I hope this helps - let me know if you have more questions!
Jeremy
On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
<[EMAIL PROTECTED]> said:
> I guess I'm missing setting it up with some AOP framework is it?
>
> On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain <[EMAIL PROTECTED]>
> wrote:
>
> > Hi
> >
> > As I understood from the documentation, a checked exception will be thrown
> > if for eg. a user does not have the role specified by @RequiresRoles. But
> > nothing's happening, the method gets executed regardless. In my particular
> > case I want the method to fire only when a user of a particular role is
> > logged in, but that method is executing even if I try after logout. What am
> > I missing :|
> >
> > Animesh
> >
