Hi Myoungkyu, We don't have any AspectJ-specific code in place to support our code annotations. You would have to write that yourself.
The best advice I have is to look at the AOP base support classes: http://svn.apache.org/viewvc/incubator/shiro/trunk/core/src/main/java/org/apache/shiro/aop/ and the Spring AOPAlliance implementations: http://svn.apache.org/viewvc/incubator/shiro/trunk/support/spring/src/main/java/org/apache/shiro/spring/security/interceptor/ and see if they give you any ideas as you try to write AspectJ-specific versions. Regards, Les On Mon, Jun 29, 2009 at 11:27 AM, mksong <[email protected]> wrote: > > Hello, Les > > I think it looks like you’re saying that JSecurity can do > bytecode engineering by means of AspectJ. > Is it right? If it is true, that is what I try to search. > If you could send me a small example using annotation for > adding the security functionality, I’d very appreciate it. > > Thank you so much for your reply. > Myoungkyu > > > > > Les Hazlewood-2 wrote: > > > > The closest thing Shiro might get to bytecode enhancement might be due to > > an > > AOP framework that you use that modifies bytecode - but this is a choice > > you > > make and is not a requirement of the framework. > > > > For example, Shiro has code annotations @RequiresRole, > > @RequiresAuthentication, etc, with which you can annotate code. If the > > AOP > > framework configured to support Shiro uses bytecode manipulation, then > > obviously bytecode changes could enforce the annotations. > > > > But this is a factor of the AOP mechanisms you use and is not controlled > > by > > Shiro directly. AspectJ for example can perform build time or runtime > > bytecode manipulation to support Shiro annotations, but AOPAlliance might > > use JDK-provided Proxying mechanisms at runtime and no bytecode > > manipulation. > > > > Ultimately though you need to specify somehow how the security framework > > is > > supposed to execute - either via a Servlet Filter or code @Annotations or > > text-based configuration, or some other mechanism. The developer needs > to > > direct the way the security framework behaves. > > > > So if you desire bytecode enhancement, then yes, you can have it as long > > as > > you use something like, say, AspectJ to perform the bytecode manipulation > > which would disover and enforce the Shiro annotations. This is done by > > writing Advice that calls the Subject API to perform security checks, and > > that Advice is 'weaved' by AspectJ. Shiro does not currently have any > > AspectJ-specific Advice written - you'd have to do it yourself, but you > > could look at the classes in org.apache.shiro.aop.* for ideas. > > > > Regards, > > > > Les > > > > On Sun, Jun 28, 2009 at 8:50 PM, mksong <[email protected]> wrote: > > > >> > >> Hello, Manoj > >> > >> I am searching a framework which changes the bytecode directly, > >> without modifying source code. As you knew, this is bytecode > >> engineering or enhancement. Based on this idea, I thought JSecurity > >> modified bytecode in order to support a security functionality > >> relieving a programmer from the burden of having to implement > >> important security concerns by hand. > >> > >> So, is the method of supporting the security functionality a type > >> of API at JSecurity (or Apache Ki)? > >> > >> Myoungkyu > >> > >> > >> > >> > >> Manoj Khangaonkar wrote: > >> > > >> > Hi Myoungkyu, > >> > > >> > Just curious, what kind of security policies are you interested in ? > >> > Can you give an example. > >> > > >> > Authorization policies ( role based or other ) that shiro supports > >> > does not necessarily require any byte code manipulation. > >> > > >> > thanks > >> > > >> > Manoj > >> > > >> > On 6/28/09, mksong <[email protected]> wrote: > >> >> > >> >> Thanks for your reply. > >> >> > >> >> For example, Hibernate does not perform any bytecode > >> >> manipulation on its own, but it uses a proxying library that > >> >> creates proxies at the bytecode level. > >> >> > >> >> If you do not manipulate bytecode, > >> >> how do you enforce security policies then? > >> >> > >> >> Regards, > >> >> Myoungkyu > >> >> > >> >> > >> >> > >> >> Les Hazlewood-2 wrote: > >> >>> > >> >>> Hiya, > >> >>> > >> >>> The project (now named Shiro) does not perform bytecode manipulation > >> of > >> >>> any > >> >>> sort. > >> >>> > >> >>> Regards, > >> >>> > >> >>> Les > >> >>> > >> >>> On Sat, Jun 27, 2009 at 11:26 PM, mksong <[email protected]> wrote: > >> >>> > >> >>>> > >> >>>> Hello, All > >> >>>> > >> >>>> I am carring out an experiment on JSecurity's bytecode engineering. > >> >>>> > >> >>>> I tested JSecurity to see if the framework would generate any > >> >>>> > >> >>>> bytecode related to security or add anything to the existing ones. > >> >>>> > >> >>>> With the attached log file, I am not sure if JSecurity does > bytecode > >> >>>> engineering or not. > >> >>>> (Here are the log file at loading time and the slide file explaing > >> what > >> >>>> I > >> >>>> did: > >> >>>> > >> http://people.cs.vt.edu/~mksong/jsecurity/<http://people.cs.vt.edu/%7Emksong/jsecurity/> > <http://people.cs.vt.edu/%7Emksong/jsecurity/> > >> <http://people.cs.vt.edu/%7Emksong/jsecurity/> > >> >>>> > >> http://people.cs.vt.edu/~mksong/jsecurity/<http://people.cs.vt.edu/%7Emksong/jsecurity/> > <http://people.cs.vt.edu/%7Emksong/jsecurity/> > >> <http://people.cs.vt.edu/%7Emksong/jsecurity/>) > >> >>>> > >> >>>> Is it true? > >> >>>> > >> >>>> -- > >> >>>> View this message in context: > >> >>>> > >> > http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3168851.html > >> >>>> Sent from the Shiro User mailing list archive at Nabble.com. > >> >>>> > >> >>>> > >> >>> > >> >>> > >> >> > >> >> -- > >> >> View this message in context: > >> >> > >> > http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3170891.html > >> >> Sent from the Shiro User mailing list archive at Nabble.com. > >> >> > >> >> > >> > > >> > > >> > >> -- > >> View this message in context: > >> > http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3171896.html > >> Sent from the Shiro User mailing list archive at Nabble.com. > >> > >> > > > > > > -- > View this message in context: > http://n2.nabble.com/About-JSecurity%27s-bytecode-engineering-tp3168851p3175117.html > Sent from the Shiro User mailing list archive at Nabble.com. > >
