Yeah.. I'm curious about that too. And I'm coming back with a new problem on
the mailing list in a few hours :D
On Mon, Sep 22, 2008 at 6:22 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote:
> Sounds great - thanks again :)
>
> On Mon, Sep 22, 2008 at 8:51 AM, Animesh Jain <[EMAIL PROTECTED]>
> wrote:
> > Yeah I'll get everything together along with a short document/tutorial.
> Give
> > me a few days for that.
> >
> > Animesh
> >
> > On Mon, Sep 22, 2008 at 6:18 PM, Les Hazlewood <[EMAIL PROTECTED]>
> wrote:
> >>
> >> Cool!
> >>
> >> Could you give us a summary of everything that is required to get up
> >> and running in Guice? I can add this to a tutorial. If you needed to
> >> write any code also, that'd be great to have. :)
> >>
> >> Thanks!
> >>
> >> Les
> >>
> >> On Mon, Sep 22, 2008 at 8:41 AM, Animesh Jain <[EMAIL PROTECTED]>
> >> wrote:
> >> > Umm.. i made a very stupid mistake which I just found. All's working
> >> > well
> >> > now. Sorry for bothering :P
> >> >
> >> > So Les it seems its pretty easy to integrate annotation with Guice,
> just
> >> > one
> >> > lie config needed.
> >> >
> >> > Cheers
> >> > Animesh
> >> >
> >> > On Mon, Sep 22, 2008 at 6:01 PM, Animesh Jain <[EMAIL PROTECTED]>
> >> > wrote:
> >> >>
> >> >> Although it appears that the role check is working. Because the
> >> >> annotated
> >> >> method is not executing when the roles do not match. But no error is
> >> >> being
> >> >> thrown and the debugger is not reaching the
> >> >> AopAllianceAnnotationsAuthorizingMethodInterceptor class. I've even
> put
> >> >> a
> >> >> System.out there and it only prints when the roles match, so its not
> a
> >> >> debugger problem.
> >> >>
> >> >> I'm lost.
> >> >>
> >> >> Animesh
> >> >>
> >> >> On Mon, Sep 22, 2008 at 5:36 PM, Animesh Jain <[EMAIL PROTECTED]>
> >> >> wrote:
> >> >>>
> >> >>> Yes Jeremy, you're right. It works with a slight modification (but..
> >> >>> not
> >> >>> fully, which I'll explain below) -
> >> >>>
> >> >>> bindInterceptor(Matchers.any(),
> >> >>> Matchers.annotatedWith(RequiresRoles.class), new
> >> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor());
> >> >>>
> >> >>> Basically Guice supports the AOP Alliance api, so
> >> >>> RoleAnnotationMethodInterceptor and
> >> >>> PermissionAnnotationMethodInterceptor
> >> >>> cannot be bound directly as they are not implementing the alliance
> >> >>> api's
> >> >>> method interceptor. But I think Les has written
> >> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor for this very
> >> >>> purpose.
> >> >>>
> >> >>> Now lets come to the problem.. when I login with a user who has a
> >> >>> role
> >> >>> (lets say "person") and call a method with the annotation
> >> >>> RequiresRole("person"), then the
> >> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor is getting called
> >> >>> and the
> >> >>> call is infact going all the way upto
> RoleAnnotationMethodInterceptor
> >> >>> as
> >> >>> expected. But if the role is something else then it is supposed to
> >> >>> throw a
> >> >>> runtime error, which is not happening, the control is not even
> coming
> >> >>> to
> >> >>> AopAllianceAnnotationsAuthorizingMethodInterceptor. This is very
> >> >>> strange.
> >> >>> I'm just using Idea's debugger to see where the calls are going.
> >> >>>
> >> >>> So basically when all's well i.e. the subject role matches the
> >> >>> annotation
> >> >>> role, then aop seems to be working. But if the roles are different
> >> >>> then aop
> >> >>> doesn't seem to be working at all. No errors. Not even getting
> called.
> >> >>>
> >> >>> Any clue on what could be happening?
> >> >>>
> >> >>> Kind regards
> >> >>> Animesh
> >> >>>
> >> >>>
> >> >>> On Fri, Sep 19, 2008 at 8:14 PM, Jeremy Haile <[EMAIL PROTECTED]>
> >> >>> wrote:
> >> >>>>
> >> >>>> Animesh,
> >> >>>> I only have light experience with Guice, but I know it supports AOP
> >> >>>> Alliance method interceptors, just like Spring uses - and just like
> >> >>>> JSecurity provides.
> >> >>>> I think you'd simply need to bind those method interceptors as
> >> >>>> appropriate. I haven't tried it yet, but I imagine something like
> >> >>>> the
> >> >>>> following code would work. Could you please try it out and let me
> >> >>>> know if
> >> >>>> it works?
> >> >>>> binder.bindInterceptor( any(), annotatedWith(RequiresRoles.class),
> >> >>>> new
> >> >>>> RoleAnnotationMethodInterceptor());
> >> >>>> binder.bindInterceptor( any(),
> >> >>>> annotatedWith(RequiresPermissions.class), new
> >> >>>> PermissionAnnotationMethodInterceptor());
> >> >>>> Jeremy
> >> >>>>
> >> >>>>
> >> >>>> On Sep 18, 2008, at 1:20 PM, Animesh Jain wrote:
> >> >>>>
> >> >>>> Well, can't really do the AOP part in Spring and the rest in Guice,
> >> >>>> its
> >> >>>> just making things unnecessarily intertwined. So I think I'll read
> up
> >> >>>> on
> >> >>>> what capabilities Guice has for AOP and try and write a Guice
> >> >>>> implementation
> >> >>>> for the RequiresRoles and RequiresPermissions tags. Any pointers
> will
> >> >>>> be
> >> >>>> appreciated on what I should try to do (on a higher level), because
> >> >>>> I've
> >> >>>> never tried my hand at AOP before this. Guice does have method
> >> >>>> interceptors
> >> >>>> I believe and that should be enough here, isn't it?
> >> >>>>
> >> >>>> Animesh
> >> >>>>
> >> >>>> On Thu, Sep 18, 2008 at 6:54 PM, Animesh Jain <
> [EMAIL PROTECTED]>
> >> >>>> wrote:
> >> >>>>>
> >> >>>>> Aah! This helps a lot. So I hope I can use this without using
> Spring
> >> >>>>> for the Jsecurity Realm injection - for that I'm using Guice.
> >> >>>>> Anyway.. I'll
> >> >>>>> try this asap and update on the results. I think Jsecurity
> >> >>>>> definitely needs
> >> >>>>> some more documentation in a few areas. I'll try and write down a
> >> >>>>> few
> >> >>>>> tutorials when I find time.
> >> >>>>>
> >> >>>>> Animesh
> >> >>>>>
> >> >>>>> On Thu, Sep 18, 2008 at 6:45 PM, Jeremy Haile <[EMAIL PROTECTED]
> >
> >> >>>>> wrote:
> >> >>>>>>
> >> >>>>>> Animesh,
> >> >>>>>>
> >> >>>>>> Have you added these bean definitions to Spring?
> >> >>>>>>
> >> >>>>>> <bean id="lifecycleBeanPostProcessor"
> >> >>>>>> class="org.jsecurity.spring.LifecycleBeanPostProcessor"/>
> >> >>>>>> <bean
> >> >>>>>>
> >> >>>>>>
> >> >>>>>>
> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
> >> >>>>>> depends-on="lifecycleBeanPostProcessor"/>
> >> >>>>>> <bean
> >> >>>>>>
> >> >>>>>>
> >> >>>>>>
>
> class="org.jsecurity.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
> >> >>>>>> <property name="securityManager"
> ref="securityManager"/>
> >> >>>>>> </bean>
> >> >>>>>>
> >> >>>>>> These are declared in webroot/WEB-INF/applicationContext.xml in
> the
> >> >>>>>> spring sample application along with some additional
> documentation.
> >> >>>>>>
> >> >>>>>> The first bean helps initialize and destroy JSecurity related
> >> >>>>>> beans.
> >> >>>>>> The DefaultAdvisorAutoProxyCreator is required to enable Spring's
> >> >>>>>> auto-proxying of beans based on annotations. The last bean adds
> >> >>>>>> support
> >> >>>>>> for auto-proxying method calls to beans that use JSecurity
> >> >>>>>> annotations.
> >> >>>>>>
> >> >>>>>> I hope this helps - let me know if you have more questions!
> >> >>>>>>
> >> >>>>>> Jeremy
> >> >>>>>>
> >> >>>>>> On Thu, 18 Sep 2008 18:30:40 +0530, "Animesh Jain"
> >> >>>>>> <[EMAIL PROTECTED]> said:
> >> >>>>>> > I guess I'm missing setting it up with some AOP framework is
> it?
> >> >>>>>> >
> >> >>>>>> > On Wed, Sep 17, 2008 at 11:25 PM, Animesh Jain
> >> >>>>>> > <[EMAIL PROTECTED]>
> >> >>>>>> > wrote:
> >> >>>>>> >
> >> >>>>>> > > Hi
> >> >>>>>> > >
> >> >>>>>> > > As I understood from the documentation, a checked exception
> >> >>>>>> > > will
> >> >>>>>> > > be thrown
> >> >>>>>> > > if for eg. a user does not have the role specified by
> >> >>>>>> > > @RequiresRoles. But
> >> >>>>>> > > nothing's happening, the method gets executed regardless. In
> my
> >> >>>>>> > > particular
> >> >>>>>> > > case I want the method to fire only when a user of a
> particular
> >> >>>>>> > > role is
> >> >>>>>> > > logged in, but that method is executing even if I try after
> >> >>>>>> > > logout. What am
> >> >>>>>> > > I missing :|
> >> >>>>>> > >
> >> >>>>>> > > Animesh
> >> >>>>>> > >
> >> >>>>>
> >> >>>>
> >> >>>>
> >> >>>
> >> >>
> >> >
> >> >
> >
> >
>
