Well, can't really do the AOP part in Spring and the rest in Guice, its just making things unnecessarily intertwined. So I think I'll read up on what capabilities Guice has for AOP and try and write a Guice implementation for the RequiresRoles and RequiresPermissions tags. Any pointers will be appreciated on what I should try to do (on a higher level), because I've never tried my hand at AOP before this. Guice does have method interceptors I believe and that should be enough here, isn't it?
Animesh On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]> wrote: > Aah! This helps a lot. So I hope I can use this without using Spring for > the Jsecurity Realm injection - for that I'm using Guice. Anyway.. I'll try > this asap and update on the results. I think Jsecurity definitely needs some > more documentation in a few areas. I'll try and write down a few tutorials > when I find time. > > Animesh > > > On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]> wrote: > >> Animesh, >> >> Have you added these bean definitions to Spring? >> >> <bean id="lifecycleBeanPostProcessor" >> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/> >> <bean >> >> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" >> depends-on="lifecycleBeanPostProcessor"/> >> <bean >> >> >> class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> >> <property name="securityManager" ref="securityManager"/> >> </bean> >> >> These are declared in webroot/WEB-INF/applicationContext.xml in the >> spring sample application along with some additional documentation. >> >> The first bean helps initialize and destroy JSecurity related beans. >> The DefaultAdvisorAutoProxyCreator is required to enable Spring's >> auto-proxying of beans based on annotations. The last bean adds support >> for auto-proxying method calls to beans that use JSecurity annotations. >> >> I hope this helps - let me know if you have more questions! >> >> Jeremy >> >> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain" >> <[EMAIL PROTECTED]> said: >> > I guess I'm missing setting it up with some AOP framework is it? >> > >> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain <[EMAIL PROTECTED]> >> > wrote: >> > >> > > Hi >> > > >> > > As I understood from the documentation, a checked exception will be >> thrown >> > > if for eg. a user does not have the role specified by @RequiresRoles. >> But >> > > nothing's happening, the method gets executed regardless. In my >> particular >> > > case I want the method to fire only when a user of a particular role >> is >> > > logged in, but that method is executing even if I try after logout. >> What am >> > > I missing :| >> > > >> > > Animesh >> > > >> > >
