1 Reply Latest reply on Jun 21, 2004 3:03 PM by Bill Burke

    AOP Security Service

    kado0002 Newbie

      Hello I want to use AOP Security Service, but first I' ve got a general question.
      How can I use programmatic security with AOP Security Service?
      Or isn't it possible to use this possibility with AOP Security Service?

      Many applications use programmatic security and I must reengineer an EJB application which uses methods like isCallerInRole etc.

      What can I do ?
      perhaps extend the AOP Security Interceptor?

        • 1. Re: AOP Security Service
          Bill Burke Master

          This is on my todo list, but I've never gotten around to it.

          So you want a SecurityContext object that has:

          getCaller
          getRole
          isCallerInRole

          what else?

          To get access to it, I was thinking of a field annotation.

          public MyClass {
           @Inject SecurityContext securityContext;
          
          }
          


          Accessing the field securityContext would be intercepted and the correct context object would be accessed from a thread local.

          What are your thoughts? Would you like to implement this? I can help you spec it out. I know what needs to be done, just don't have the cycles until after JavaOne. Email me directly at bill@jboss.org if you're interested in implementing. Other than that, put your suggestions here on this forum

          Thanks,

          Bill