Les,
I'm curious - why don't our method interceptors implement the AOP
alliance interfaces? This is a pretty standard thing, used by Spring,
Guice, etc. Either way, seems like the AOP Alliance class is misplaced
in the Spring module - since AOP Alliance is not Spring-specific. I
think this should all be moved into core.
Jeremy
On Sep 22, 2008, at 8:48 AM, Les Hazlewood wrote:
Cool!
Could you give us a summary of everything that is required to get up
and running in Guice? I can add this to a tutorial. If you needed to
write any code also, that'd be great to have. :)
Thanks!
Les
On Mon, Sep 22, 2008 at 8:41 AM, Animesh Jain <[EMAIL PROTECTED]>
wrote:
Umm.. i made a very stupid mistake which I just found. All's
working well
now. Sorry for bothering :P
So Les it seems its pretty easy to integrate annotation with Guice,
just one
lie config needed.
Cheers
Animesh
On Mon, Sep 22, 2008 at 6:01 PM, Animesh Jain
<[EMAIL PROTECTED]> wrote:
Although it appears that the role check is working. Because the
annotated
method is not executing when the roles do not match. But no error
is being
thrown and the debugger is not reaching the
AopAllianceAnnotationsAuthorizingMethodInterceptor class. I've
even put a
System.out there and it only prints when the roles match, so its
not a
debugger problem.
I'm lost.
Animesh
On Mon, Sep 22, 2008 at 5:36 PM, Animesh Jain <[EMAIL PROTECTED]>
wrote:
Yes Jeremy, you're right. It works with a slight modification
(but.. not
fully, which I'll explain below) -
bindInterceptor(Matchers.any(),
Matchers.annotatedWith(RequiresRoles.class), new
AopAllianceAnnotationsAuthorizingMethodInterceptor());
Basically Guice supports the AOP Alliance api, so
RoleAnnotationMethodInterceptor and
PermissionAnnotationMethodInterceptor
cannot be bound directly as they are not implementing the
alliance api's
method interceptor. But I think Les has written
AopAllianceAnnotationsAuthorizingMethodInterceptor for this very
purpose.
Now lets come to the problem.. when I login with a user who has
a role
(lets say "person") and call a method with the annotation
RequiresRole("person"), then the
AopAllianceAnnotationsAuthorizingMethodInterceptor is getting
called and the
call is infact going all the way upto
RoleAnnotationMethodInterceptor as
expected. But if the role is something else then it is supposed
to throw a
runtime error, which is not happening, the control is not even
coming to
AopAllianceAnnotationsAuthorizingMethodInterceptor. This is very
strange.
I'm just using Idea's debugger to see where the calls are going.
So basically when all's well i.e. the subject role matches the
annotation
role, then aop seems to be working. But if the roles are
different then aop
doesn't seem to be working at all. No errors. Not even getting
called.
Any clue on what could be happening?
Kind regards
Animesh
On Fri, Sep 19, 2008 at 8:14 PM, Jeremy Haile
<[EMAIL PROTECTED]> wrote:
Animesh,
I only have light experience with Guice, but I know it supports
AOP
Alliance method interceptors, just like Spring uses - and just
like
JSecurity provides.
I think you'd simply need to bind those method interceptors as
appropriate. I haven't tried it yet, but I imagine something
like the
following code would work. Could you please try it out and let
me know if
it works?
binder.bindInterceptor( any(),
annotatedWith(RequiresRoles.class), new
RoleAnnotationMethodInterceptor());
binder.bindInterceptor( any(),
annotatedWith(RequiresPermissions.class), new
PermissionAnnotationMethodInterceptor());
Jeremy
On Sep 18, 2008, at 1:20 PM, Animesh Jain wrote:
Well, can't really do the AOP part in Spring and the rest in
Guice, its
just making things unnecessarily intertwined. So I think I'll
read up on
what capabilities Guice has for AOP and try and write a Guice
implementation
for the RequiresRoles and RequiresPermissions tags. Any pointers
will be
appreciated on what I should try to do (on a higher level),
because I've
never tried my hand at AOP before this. Guice does have method
interceptors
I believe and that should be enough here, isn't it?
Animesh
On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]
>
wrote:
Aah! This helps a lot. So I hope I can use this without using
Spring
for the Jsecurity Realm injection - for that I'm using Guice.
Anyway.. I'll
try this asap and update on the results. I think Jsecurity
definitely needs
some more documentation in a few areas. I'll try and write down
a few
tutorials when I find time.
Animesh
On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile
<[EMAIL PROTECTED]>
wrote:
Animesh,
Have you added these bean definitions to Spring?
<bean id="lifecycleBeanPostProcessor"
class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
<bean
class
=
"org
.springframework
.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean
class
=
"org
.jsecurity
.spring
.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager"
ref="securityManager"/>
</bean>
These are declared in webroot/WEB-INF/applicationContext.xml
in the
spring sample application along with some additional
documentation.
The first bean helps initialize and destroy JSecurity related
beans.
The DefaultAdvisorAutoProxyCreator is required to enable
Spring's
auto-proxying of beans based on annotations. The last bean adds
support
for auto-proxying method calls to beans that use JSecurity
annotations.
I hope this helps - let me know if you have more questions!
Jeremy
On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
<[EMAIL PROTECTED]> said:
I guess I'm missing setting it up with some AOP framework is
it?
On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain
<[EMAIL PROTECTED]>
wrote:
Hi
As I understood from the documentation, a checked exception
will
be thrown
if for eg. a user does not have the role specified by
@RequiresRoles. But
nothing's happening, the method gets executed regardless. In
my
particular
case I want the method to fire only when a user of a
particular
role is
logged in, but that method is executing even if I try after
logout. What am
I missing :|
Animesh
