Umm.. i made a very stupid mistake which I just found. All's working well
now. Sorry for bothering :P
So Les it seems its pretty easy to integrate annotation with Guice, just one
lie config needed.
Cheers
Animesh
On Mon, Sep 22, 2008 at 6:01 PM, Animesh Jain <[EMAIL PROTECTED]> wrote:
> Although it appears that the role check is working. Because the annotated
> method is not executing when the roles do not match. But no error is being
> thrown and the debugger is not reaching the
> AopAllianceAnnotationsAuthorizingMethodInterceptor class. I've even put a
> System.out there and it only prints when the roles match, so its not a
> debugger problem.
>
> I'm lost.
>
> Animesh
>
>
> On Mon, Sep 22, 2008 at 5:36 PM, Animesh Jain <[EMAIL PROTECTED]>wrote:
>
>> Yes Jeremy, you're right. It works with a slight modification (but.. not
>> fully, which I'll explain below) -
>>
>> bindInterceptor(Matchers.any(),
>> Matchers.annotatedWith(RequiresRoles.class), new
>> AopAllianceAnnotationsAuthorizingMethodInterceptor());
>>
>> Basically Guice supports the AOP Alliance api, so
>> RoleAnnotationMethodInterceptor and PermissionAnnotationMethodInterceptor
>> cannot be bound directly as they are not implementing the alliance api's
>> method interceptor. But I think Les has written
>> AopAllianceAnnotationsAuthorizingMethodInterceptor for this very purpose.
>>
>> Now lets come to the problem.. when I login with a user who has a role
>> (lets say "person") and call a method with the annotation
>> RequiresRole("person"), then the
>> AopAllianceAnnotationsAuthorizingMethodInterceptor is getting called and the
>> call is infact going all the way upto RoleAnnotationMethodInterceptor as
>> expected. But if the role is something else then it is supposed to throw a
>> runtime error, which is not happening, the control is not even coming to
>> AopAllianceAnnotationsAuthorizingMethodInterceptor. This is very strange.
>> I'm just using Idea's debugger to see where the calls are going.
>>
>> So basically when all's well i.e. the subject role matches the annotation
>> role, then aop seems to be working. But if the roles are different then aop
>> doesn't seem to be working at all. No errors. Not even getting called.
>>
>> Any clue on what could be happening?
>>
>> Kind regards
>> Animesh
>>
>>
>>
>> On Fri, Sep 19, 2008 at 8:14 PM, Jeremy Haile <[EMAIL PROTECTED]> wrote:
>>
>>> Animesh,
>>> I only have light experience with Guice, but I know it supports AOP
>>> Alliance method interceptors, just like Spring uses - and just like
>>> JSecurity provides.
>>>
>>> I think you'd simply need to bind those method interceptors as
>>> appropriate. I haven't tried it yet, but I imagine something like the
>>> following code would work. Could you please try it out and let me know if
>>> it works?
>>>
>>> binder.bindInterceptor( any(), annotatedWith(RequiresRoles.class), new
>>> RoleAnnotationMethodInterceptor());
>>> binder.bindInterceptor( any(),
>>> annotatedWith(RequiresPermissions.class), new
>>> PermissionAnnotationMethodInterceptor());
>>>
>>> Jeremy
>>>
>>>
>>>
>>> On Sep 18, 2008, at 1:20 PM, Animesh Jain wrote:
>>>
>>> Well, can't really do the AOP part in Spring and the rest in Guice, its
>>> just making things unnecessarily intertwined. So I think I'll read up on
>>> what capabilities Guice has for AOP and try and write a Guice implementation
>>> for the RequiresRoles and RequiresPermissions tags. Any pointers will be
>>> appreciated on what I should try to do (on a higher level), because I've
>>> never tried my hand at AOP before this. Guice does have method interceptors
>>> I believe and that should be enough here, isn't it?
>>>
>>> Animesh
>>>
>>> On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]>wrote:
>>>
>>>> Aah! This helps a lot. So I hope I can use this without using Spring for
>>>> the Jsecurity Realm injection - for that I'm using Guice. Anyway.. I'll try
>>>> this asap and update on the results. I think Jsecurity definitely needs
>>>> some
>>>> more documentation in a few areas. I'll try and write down a few tutorials
>>>> when I find time.
>>>>
>>>> Animesh
>>>>
>>>>
>>>> On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]>wrote:
>>>>
>>>>> Animesh,
>>>>>
>>>>> Have you added these bean definitions to Spring?
>>>>>
>>>>> <bean id="lifecycleBeanPostProcessor"
>>>>> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
>>>>> <bean
>>>>>
>>>>> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
>>>>> depends-on="lifecycleBeanPostProcessor"/>
>>>>> <bean
>>>>>
>>>>>
>>>>> class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
>>>>> <property name="securityManager" ref="securityManager"/>
>>>>> </bean>
>>>>>
>>>>> These are declared in webroot/WEB-INF/applicationContext.xml in the
>>>>> spring sample application along with some additional documentation.
>>>>>
>>>>> The first bean helps initialize and destroy JSecurity related beans.
>>>>> The DefaultAdvisorAutoProxyCreator is required to enable Spring's
>>>>> auto-proxying of beans based on annotations. The last bean adds
>>>>> support
>>>>> for auto-proxying method calls to beans that use JSecurity annotations.
>>>>>
>>>>> I hope this helps - let me know if you have more questions!
>>>>>
>>>>> Jeremy
>>>>>
>>>>> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
>>>>> <[EMAIL PROTECTED]> said:
>>>>> > I guess I'm missing setting it up with some AOP framework is it?
>>>>> >
>>>>> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain <[EMAIL PROTECTED]
>>>>> >
>>>>> > wrote:
>>>>> >
>>>>> > > Hi
>>>>> > >
>>>>> > > As I understood from the documentation, a checked exception will be
>>>>> thrown
>>>>> > > if for eg. a user does not have the role specified by
>>>>> @RequiresRoles. But
>>>>> > > nothing's happening, the method gets executed regardless. In my
>>>>> particular
>>>>> > > case I want the method to fire only when a user of a particular
>>>>> role is
>>>>> > > logged in, but that method is executing even if I try after logout.
>>>>> What am
>>>>> > > I missing :|
>>>>> > >
>>>>> > > Animesh
>>>>> > >
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
