Cool!
Could you give us a summary of everything that is required to get up
and running in Guice? I can add this to a tutorial. If you needed to
write any code also, that'd be great to have. :)
Thanks!
Les
On Mon, Sep 22, 2008 at 8:41 AM, Animesh Jain <[EMAIL PROTECTED]> wrote:
> Umm.. i made a very stupid mistake which I just found. All's working well
> now. Sorry for bothering :P
>
> So Les it seems its pretty easy to integrate annotation with Guice, just one
> lie config needed.
>
> Cheers
> Animesh
>
> On Mon, Sep 22, 2008 at 6:01 PM, Animesh Jain <[EMAIL PROTECTED]> wrote:
>>
>> Although it appears that the role check is working. Because the annotated
>> method is not executing when the roles do not match. But no error is being
>> thrown and the debugger is not reaching the
>> AopAllianceAnnotationsAuthorizingMethodInterceptor class. I've even put a
>> System.out there and it only prints when the roles match, so its not a
>> debugger problem.
>>
>> I'm lost.
>>
>> Animesh
>>
>> On Mon, Sep 22, 2008 at 5:36 PM, Animesh Jain <[EMAIL PROTECTED]>
>> wrote:
>>>
>>> Yes Jeremy, you're right. It works with a slight modification (but.. not
>>> fully, which I'll explain below) -
>>>
>>> bindInterceptor(Matchers.any(),
>>> Matchers.annotatedWith(RequiresRoles.class), new
>>> AopAllianceAnnotationsAuthorizingMethodInterceptor());
>>>
>>> Basically Guice supports the AOP Alliance api, so
>>> RoleAnnotationMethodInterceptor and PermissionAnnotationMethodInterceptor
>>> cannot be bound directly as they are not implementing the alliance api's
>>> method interceptor. But I think Les has written
>>> AopAllianceAnnotationsAuthorizingMethodInterceptor for this very purpose.
>>>
>>> Now lets come to the problem.. when I login with a user who has a role
>>> (lets say "person") and call a method with the annotation
>>> RequiresRole("person"), then the
>>> AopAllianceAnnotationsAuthorizingMethodInterceptor is getting called and the
>>> call is infact going all the way upto RoleAnnotationMethodInterceptor as
>>> expected. But if the role is something else then it is supposed to throw a
>>> runtime error, which is not happening, the control is not even coming to
>>> AopAllianceAnnotationsAuthorizingMethodInterceptor. This is very strange.
>>> I'm just using Idea's debugger to see where the calls are going.
>>>
>>> So basically when all's well i.e. the subject role matches the annotation
>>> role, then aop seems to be working. But if the roles are different then aop
>>> doesn't seem to be working at all. No errors. Not even getting called.
>>>
>>> Any clue on what could be happening?
>>>
>>> Kind regards
>>> Animesh
>>>
>>>
>>> On Fri, Sep 19, 2008 at 8:14 PM, Jeremy Haile <[EMAIL PROTECTED]> wrote:
>>>>
>>>> Animesh,
>>>> I only have light experience with Guice, but I know it supports AOP
>>>> Alliance method interceptors, just like Spring uses - and just like
>>>> JSecurity provides.
>>>> I think you'd simply need to bind those method interceptors as
>>>> appropriate. I haven't tried it yet, but I imagine something like the
>>>> following code would work. Could you please try it out and let me know if
>>>> it works?
>>>> binder.bindInterceptor( any(), annotatedWith(RequiresRoles.class), new
>>>> RoleAnnotationMethodInterceptor());
>>>> binder.bindInterceptor( any(),
>>>> annotatedWith(RequiresPermissions.class), new
>>>> PermissionAnnotationMethodInterceptor());
>>>> Jeremy
>>>>
>>>>
>>>> On Sep 18, 2008, at 1:20 PM, Animesh Jain wrote:
>>>>
>>>> Well, can't really do the AOP part in Spring and the rest in Guice, its
>>>> just making things unnecessarily intertwined. So I think I'll read up on
>>>> what capabilities Guice has for AOP and try and write a Guice
>>>> implementation
>>>> for the RequiresRoles and RequiresPermissions tags. Any pointers will be
>>>> appreciated on what I should try to do (on a higher level), because I've
>>>> never tried my hand at AOP before this. Guice does have method interceptors
>>>> I believe and that should be enough here, isn't it?
>>>>
>>>> Animesh
>>>>
>>>> On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]>
>>>> wrote:
>>>>>
>>>>> Aah! This helps a lot. So I hope I can use this without using Spring
>>>>> for the Jsecurity Realm injection - for that I'm using Guice. Anyway..
>>>>> I'll
>>>>> try this asap and update on the results. I think Jsecurity definitely
>>>>> needs
>>>>> some more documentation in a few areas. I'll try and write down a few
>>>>> tutorials when I find time.
>>>>>
>>>>> Animesh
>>>>>
>>>>> On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]>
>>>>> wrote:
>>>>>>
>>>>>> Animesh,
>>>>>>
>>>>>> Have you added these bean definitions to Spring?
>>>>>>
>>>>>> <bean id="lifecycleBeanPostProcessor"
>>>>>> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
>>>>>> <bean
>>>>>>
>>>>>> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
>>>>>> depends-on="lifecycleBeanPostProcessor"/>
>>>>>> <bean
>>>>>>
>>>>>>
>>>>>> class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
>>>>>> <property name="securityManager" ref="securityManager"/>
>>>>>> </bean>
>>>>>>
>>>>>> These are declared in webroot/WEB-INF/applicationContext.xml in the
>>>>>> spring sample application along with some additional documentation.
>>>>>>
>>>>>> The first bean helps initialize and destroy JSecurity related beans.
>>>>>> The DefaultAdvisorAutoProxyCreator is required to enable Spring's
>>>>>> auto-proxying of beans based on annotations. The last bean adds
>>>>>> support
>>>>>> for auto-proxying method calls to beans that use JSecurity
>>>>>> annotations.
>>>>>>
>>>>>> I hope this helps - let me know if you have more questions!
>>>>>>
>>>>>> Jeremy
>>>>>>
>>>>>> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
>>>>>> <[EMAIL PROTECTED]> said:
>>>>>> > I guess I'm missing setting it up with some AOP framework is it?
>>>>>> >
>>>>>> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain
>>>>>> > <[EMAIL PROTECTED]>
>>>>>> > wrote:
>>>>>> >
>>>>>> > > Hi
>>>>>> > >
>>>>>> > > As I understood from the documentation, a checked exception will
>>>>>> > > be thrown
>>>>>> > > if for eg. a user does not have the role specified by
>>>>>> > > @RequiresRoles. But
>>>>>> > > nothing's happening, the method gets executed regardless. In my
>>>>>> > > particular
>>>>>> > > case I want the method to fire only when a user of a particular
>>>>>> > > role is
>>>>>> > > logged in, but that method is executing even if I try after
>>>>>> > > logout. What am
>>>>>> > > I missing :|
>>>>>> > >
>>>>>> > > Animesh
>>>>>> > >
>>>>>
>>>>
>>>>
>>>
>>
>
>
