Sure thing Les, will definitely contribute back all the integration I'm able to do. Its just that I'm new to Guice and AOP in general, so it might take me a while to get things working well. I'll keep you guys posted on this thread.
Animesh On Fri, Sep 19, 2008 at 12:52 AM, Les Hazlewood <[EMAIL PROTECTED]>wrote: > Hi Animesh, > > Yep, you're on the right track. Basically in Spring environments, > JSecurity uses the Spring built-in and annotation processing support. > If you look in the Spring sample application's applicationContext.xml > file, you'll see two bean definitions: > > <bean > class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" > depends-on="lifecycleBeanPostProcessor"/> > <bean > class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> > <property name="securityManager" ref="securityManager"/> > </bean> > > That's all it takes in Spring to support annotations because Spring > does all the heavy lifting. If you look at the source for > AuthorizationAttributeSourceAdvisor, you might get ideas on how to do > this same thing in a Guice-specific way. > > Btw, please keep track of your Guice integration efforts > (GuiceIniWebConfiguration + annotations, etc). We'd love it if you > could contribute that back to the project! > > Please keep us posted! > > Regards, > > Les > > On Thu, Sep 18, 2008 at 1:20 PM, Animesh Jain <[EMAIL PROTECTED]> > wrote: > > Well, can't really do the AOP part in Spring and the rest in Guice, its > just > > making things unnecessarily intertwined. So I think I'll read up on what > > capabilities Guice has for AOP and try and write a Guice implementation > for > > the RequiresRoles and RequiresPermissions tags. Any pointers will be > > appreciated on what I should try to do (on a higher level), because I've > > never tried my hand at AOP before this. Guice does have method > interceptors > > I believe and that should be enough here, isn't it? > > > > Animesh > > > > On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]> > wrote: > >> > >> Aah! This helps a lot. So I hope I can use this without using Spring for > >> the Jsecurity Realm injection - for that I'm using Guice. Anyway.. I'll > try > >> this asap and update on the results. I think Jsecurity definitely needs > some > >> more documentation in a few areas. I'll try and write down a few > tutorials > >> when I find time. > >> > >> Animesh > >> > >> On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]> > wrote: > >>> > >>> Animesh, > >>> > >>> Have you added these bean definitions to Spring? > >>> > >>> <bean id="lifecycleBeanPostProcessor" > >>> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/> > >>> <bean > >>> > >>> > class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" > >>> depends-on="lifecycleBeanPostProcessor"/> > >>> <bean > >>> > >>> > > class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> > >>> <property name="securityManager" ref="securityManager"/> > >>> </bean> > >>> > >>> These are declared in webroot/WEB-INF/applicationContext.xml in the > >>> spring sample application along with some additional documentation. > >>> > >>> The first bean helps initialize and destroy JSecurity related beans. > >>> The DefaultAdvisorAutoProxyCreator is required to enable Spring's > >>> auto-proxying of beans based on annotations. The last bean adds > support > >>> for auto-proxying method calls to beans that use JSecurity annotations. > >>> > >>> I hope this helps - let me know if you have more questions! > >>> > >>> Jeremy > >>> > >>> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain" > >>> <[EMAIL PROTECTED]> said: > >>> > I guess I'm missing setting it up with some AOP framework is it? > >>> > > >>> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain <[EMAIL PROTECTED] > > > >>> > wrote: > >>> > > >>> > > Hi > >>> > > > >>> > > As I understood from the documentation, a checked exception will be > >>> > > thrown > >>> > > if for eg. a user does not have the role specified by > @RequiresRoles. > >>> > > But > >>> > > nothing's happening, the method gets executed regardless. In my > >>> > > particular > >>> > > case I want the method to fire only when a user of a particular > role > >>> > > is > >>> > > logged in, but that method is executing even if I try after logout. > >>> > > What am > >>> > > I missing :| > >>> > > > >>> > > Animesh > >>> > > > >> > > > > >
