1 Reply Latest reply on Jun 21, 2004 3:03 PM by bill.burke

    AOP Security Service

    kado0002
    kado0002 Jun 21, 2004 2:32 PM

      Hello I want to use AOP Security Service, but first I' ve got a general question.
      How can I use programmatic security with AOP Security Service?
      Or isn't it possible to use this possibility with AOP Security Service?

      Many applications use programmatic security and I must reengineer an EJB application which uses methods like isCallerInRole etc.

      What can I do ?
      perhaps extend the AOP Security Interceptor?

      • 3782 Views
      • Tags:
        • 1. Re: AOP Security Service
          bill.burke
          bill.burke Jun 21, 2004 3:03 PM (in response to kado0002)

          This is on my todo list, but I've never gotten around to it.

          So you want a SecurityContext object that has:

          getCaller
          getRole
          isCallerInRole

          what else?

          To get access to it, I was thinking of a field annotation.

          public MyClass {
 @Inject SecurityContext securityContext;

}


          Accessing the field securityContext would be intercepted and the correct context object would be accessed from a thread local.

          What are your thoughts? Would you like to implement this? I can help you spec it out. I know what needs to be done, just don't have the cycles until after JavaOne. Email me directly at bill@jboss.org if you're interested in implementing. Other than that, put your suggestions here on this forum

          Thanks,

          Bill

            • Actions