Announcement Announcement Module
Collapse
No announcement yet.
acegi security style of manager method calls interception Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • acegi security style of manager method calls interception

    Hello all,

    I don't know where to read about, please give me some hints on the next:

    I have bookingManager.createBooking(booking) method. It is called by some controller when user wants to create a booking. Creating a booking is paid procedure, so i'd like to show user confirmation dialog or tell user that he has not enough funds. The thing is that i don't know how many such "paid" methods we are going to have in future and i'd like to get AOP helping me here I know that Acegi security allows protecting manager methods and somehow redirects user to login form if called controller calls protected method.

    Code:
    <aop:config>
      <aop:advisor id="bannerManagerPayment" advice-ref="methodPaymentInterceptor" pointcut="execution(* com.example.service.banners.BannerManager.createBooking(..))"/>
    </aop:config>
    <bean id="methodPaymentInterceptor" class="com.example.aop.MethodPaymentInterceptor"/>
    If i had this working, i could only add advisors to inject all inner payments logic for other business methods.

    Here is how i expect the processing chain can look like:
    Request->some Filter->Controller->bookingManager.createBooking()->AOP interceptor->Not confirmed!->Raise "no confirmation" exception-> and here is the point i can't continue this chain . I quess that raised exception should reach filter and filter should provide required responce. Please hints or just interfaces/classes i should study to solve this puzzle. Thanks!

  • #2
    If i understand you correctly, you could use a HandlerExceptionResolver for this purpose. See Chapter 13 in the manual.

    Comment


    • #3
      Not sure thats what i want...

      Can anyone tell me the processing chain of acegi security when it intercepts manager call and renders login page if BL method is marked as secure?

      Comment

      Working...
      X