Tom Ziemer wrote:
Thanks to everybody who replied to my original post. I am currently
using spring/acegi and it's working great - as long as you use Spring to
create your beans:
// Spring - works like a charm: security via acegi and transactions via
proxies
this.entityManager = (IEntityManager)getBean(SpringBean.MANAGER_ENTITY);
// standard java: will never work and AOP isn't an option either, since
Spring is bypassed and thus any declarative enhancements are non-functional
this.entityManager = new EntityManager();
Unless you adopt Spring 2.0 which, apparently, includes the ability to
apply AOP-type advice to an object that's not Spring-managed. That
should resolve this case for you.
L.
I guess I'll just document, that all my classes are Spring-managed and
pray that a) somebody will actually read the documentation and b)
prospective users of my API will know about Spring.
Regards,
Tom
Laurie Harper wrote:
Paul Benedict wrote:
Spring can give you method-level security if you're interested in it.
http://acegisecurity.org/
It will use AOP to proxy your classes and make sure any thread has the
proper credentials to
access your code.
And that's how to re-invent the wheel in chrome ;-) Seriously, Paul's
right, this is a great application of AOP. Acegi's strength here is that
it has a lot more power and flexibility than Java's built-in security
model.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
