Sounds great - thanks again :)
On Mon, Sep 22, 2008 at 8:51 AM, Animesh Jain <[EMAIL PROTECTED]> wrote:
> Yeah I'll get everything together along with a short document/tutorial. Give
> me a few days for that.
>
> Animesh
>
> On Mon, Sep 22, 2008 at 6:18 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote:
>>
>> Cool!
>>
>> Could you give us a summary of everything that is required to get up
>> and running in Guice? I can add this to a tutorial. If you needed to
>> write any code also, that'd be great to have. :)
>>
>> Thanks!
>>
>> Les
>>
>> On Mon, Sep 22, 2008 at 8:41 AM, Animesh Jain <[EMAIL PROTECTED]>
>> wrote:
>> > Umm.. i made a very stupid mistake which I just found. All's working
>> > well
>> > now. Sorry for bothering :P
>> >
>> > So Les it seems its pretty easy to integrate annotation with Guice, just
>> > one
>> > lie config needed.
>> >
>> > Cheers
>> > Animesh
>> >
>> > On Mon, Sep 22, 2008 at 6:01 PM, Animesh Jain <[EMAIL PROTECTED]>
>> > wrote:
>> >>
>> >> Although it appears that the role check is working. Because the
>> >> annotated
>> >> method is not executing when the roles do not match. But no error is
>> >> being
>> >> thrown and the debugger is not reaching the
>> >> AopAllianceAnnotationsAuthorizingMethodInterceptor class. I've even put
>> >> a
>> >> System.out there and it only prints when the roles match, so its not a
>> >> debugger problem.
>> >>
>> >> I'm lost.
>> >>
>> >> Animesh
>> >>
>> >> On Mon, Sep 22, 2008 at 5:36 PM, Animesh Jain <[EMAIL PROTECTED]>
>> >> wrote:
>> >>>
>> >>> Yes Jeremy, you're right. It works with a slight modification (but..
>> >>> not
>> >>> fully, which I'll explain below) -
>> >>>
>> >>> bindInterceptor(Matchers.any(),
>> >>> Matchers.annotatedWith(RequiresRoles.class), new
>> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor());
>> >>>
>> >>> Basically Guice supports the AOP Alliance api, so
>> >>> RoleAnnotationMethodInterceptor and
>> >>> PermissionAnnotationMethodInterceptor
>> >>> cannot be bound directly as they are not implementing the alliance
>> >>> api's
>> >>> method interceptor. But I think Les has written
>> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor for this very
>> >>> purpose.
>> >>>
>> >>> Now lets come to the problem.. when I login with a user who has a
>> >>> role
>> >>> (lets say "person") and call a method with the annotation
>> >>> RequiresRole("person"), then the
>> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor is getting called
>> >>> and the
>> >>> call is infact going all the way upto RoleAnnotationMethodInterceptor
>> >>> as
>> >>> expected. But if the role is something else then it is supposed to
>> >>> throw a
>> >>> runtime error, which is not happening, the control is not even coming
>> >>> to
>> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor. This is very
>> >>> strange.
>> >>> I'm just using Idea's debugger to see where the calls are going.
>> >>>
>> >>> So basically when all's well i.e. the subject role matches the
>> >>> annotation
>> >>> role, then aop seems to be working. But if the roles are different
>> >>> then aop
>> >>> doesn't seem to be working at all. No errors. Not even getting called.
>> >>>
>> >>> Any clue on what could be happening?
>> >>>
>> >>> Kind regards
>> >>> Animesh
>> >>>
>> >>>
>> >>> On Fri, Sep 19, 2008 at 8:14 PM, Jeremy Haile <[EMAIL PROTECTED]>
>> >>> wrote:
>> >>>>
>> >>>> Animesh,
>> >>>> I only have light experience with Guice, but I know it supports AOP
>> >>>> Alliance method interceptors, just like Spring uses - and just like
>> >>>> JSecurity provides.
>> >>>> I think you'd simply need to bind those method interceptors as
>> >>>> appropriate. I haven't tried it yet, but I imagine something like
>> >>>> the
>> >>>> following code would work. Could you please try it out and let me
>> >>>> know if
>> >>>> it works?
>> >>>> binder.bindInterceptor( any(), annotatedWith(RequiresRoles.class),
>> >>>> new
>> >>>> RoleAnnotationMethodInterceptor());
>> >>>> binder.bindInterceptor( any(),
>> >>>> annotatedWith(RequiresPermissions.class), new
>> >>>> PermissionAnnotationMethodInterceptor());
>> >>>> Jeremy
>> >>>>
>> >>>>
>> >>>> On Sep 18, 2008, at 1:20 PM, Animesh Jain wrote:
>> >>>>
>> >>>> Well, can't really do the AOP part in Spring and the rest in Guice,
>> >>>> its
>> >>>> just making things unnecessarily intertwined. So I think I'll read up
>> >>>> on
>> >>>> what capabilities Guice has for AOP and try and write a Guice
>> >>>> implementation
>> >>>> for the RequiresRoles and RequiresPermissions tags. Any pointers will
>> >>>> be
>> >>>> appreciated on what I should try to do (on a higher level), because
>> >>>> I've
>> >>>> never tried my hand at AOP before this. Guice does have method
>> >>>> interceptors
>> >>>> I believe and that should be enough here, isn't it?
>> >>>>
>> >>>> Animesh
>> >>>>
>> >>>> On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <[EMAIL PROTECTED]>
>> >>>> wrote:
>> >>>>>
>> >>>>> Aah! This helps a lot. So I hope I can use this without using Spring
>> >>>>> for the Jsecurity Realm injection - for that I'm using Guice.
>> >>>>> Anyway.. I'll
>> >>>>> try this asap and update on the results. I think Jsecurity
>> >>>>> definitely needs
>> >>>>> some more documentation in a few areas. I'll try and write down a
>> >>>>> few
>> >>>>> tutorials when I find time.
>> >>>>>
>> >>>>> Animesh
>> >>>>>
>> >>>>> On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]>
>> >>>>> wrote:
>> >>>>>>
>> >>>>>> Animesh,
>> >>>>>>
>> >>>>>> Have you added these bean definitions to Spring?
>> >>>>>>
>> >>>>>> <bean id="lifecycleBeanPostProcessor"
>> >>>>>> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
>> >>>>>> <bean
>> >>>>>>
>> >>>>>>
>> >>>>>> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
>> >>>>>> depends-on="lifecycleBeanPostProcessor"/>
>> >>>>>> <bean
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>> class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
>> >>>>>> <property name="securityManager" ref="securityManager"/>
>> >>>>>> </bean>
>> >>>>>>
>> >>>>>> These are declared in webroot/WEB-INF/applicationContext.xml in the
>> >>>>>> spring sample application along with some additional documentation.
>> >>>>>>
>> >>>>>> The first bean helps initialize and destroy JSecurity related
>> >>>>>> beans.
>> >>>>>> The DefaultAdvisorAutoProxyCreator is required to enable Spring's
>> >>>>>> auto-proxying of beans based on annotations. The last bean adds
>> >>>>>> support
>> >>>>>> for auto-proxying method calls to beans that use JSecurity
>> >>>>>> annotations.
>> >>>>>>
>> >>>>>> I hope this helps - let me know if you have more questions!
>> >>>>>>
>> >>>>>> Jeremy
>> >>>>>>
>> >>>>>> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
>> >>>>>> <[EMAIL PROTECTED]> said:
>> >>>>>> > I guess I'm missing setting it up with some AOP framework is it?
>> >>>>>> >
>> >>>>>> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain
>> >>>>>> > <[EMAIL PROTECTED]>
>> >>>>>> > wrote:
>> >>>>>> >
>> >>>>>> > > Hi
>> >>>>>> > >
>> >>>>>> > > As I understood from the documentation, a checked exception
>> >>>>>> > > will
>> >>>>>> > > be thrown
>> >>>>>> > > if for eg. a user does not have the role specified by
>> >>>>>> > > @RequiresRoles. But
>> >>>>>> > > nothing's happening, the method gets executed regardless. In my
>> >>>>>> > > particular
>> >>>>>> > > case I want the method to fire only when a user of a particular
>> >>>>>> > > role is
>> >>>>>> > > logged in, but that method is executing even if I try after
>> >>>>>> > > logout. What am
>> >>>>>> > > I missing :|
>> >>>>>> > >
>> >>>>>> > > Animesh
>> >>>>>> > >
>> >>>>>
>> >>>>
>> >>>>
>> >>>
>> >>
>> >
>> >
>
>
