Hi Marijan, Oscar, who developed the Stripes-Security plugin, may have more to say about this, but what comes to my mind is that if you only lazy-load things when they are actually required, rather than pre-load everything upon creation of a new ActionBean(), you shouldn't have any problems, be it NPEs or performance.
Maybe if you post an example with some code, perhaps I (or someone else) will be able to provide more specific suggestions to help out? Another thing, I believe the default J2EESecurityManager that comes with the Stripes-Security plugin indeed does what you said - simply call context.request.isUserInRole(..). Let me know what you think. Cheers, Freddy - Hi all, - - after reading stripes book decided to switch my security - implementation from - http://www.stripesframework.org/display/stripes/Securing+Stripes+With+ACLs - to: - http://www.stripesframework.org/display/stripes/Security+Interceptor+for+custom+authorization - - but soon realized(eh..read: got exceptions al over the place ) that - later implementation has a serious drawback(in mine case) and that - is it's tag usage: - - <s:useActionBean var="xx" bean="foo.Bean" /> - <security:allowed bean="xx"> - - Now, if you have a navigation which is a layout-definition, and you - have beans that preload stuff based on some parameter/user input, - you are kinda screwed cause your bean cannot be instantiated (if - there are exceptions). - - Also, my navigation contains references to something like 20 or more - action beans, so even if it would run without NPE's, preloading all - those beans just to check the roles, is a lot of - overhead..(especially knowing that calling - context.request.isUserInRole(..) should be enough...) - - oh well, rollback... - - -m ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Stripes-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-users
