Announcement Announcement Module
Collapse
No announcement yet.
MethodSecurityInterceptor and method overloading Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • MethodSecurityInterceptor and method overloading

    Has anyone needed MethodSecurityInterceptor to support overloading? I've got a MethodSecurityInterceptor defined against a service like this:
    Code:
      <bean id="..." class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
        <property name="authenticationManager"><ref bean="authenticationManager"/></property>
        <property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
        <property name="runAsManager"><ref bean="runAsManager"/></property>
        <property name="objectDefinitionSource">
          <value>
            com.mypackage.MyInterface.update=ROLE_MYROLE
          </value>
        </property>
      </bean>
    Now, say I overload "update" like this:
    Code:
      void update&#40;MyObject object&#41;;
      void update&#40;MyOtherObject object&#41;;
    How would I assign a different set of roles to each method? Currently, since both methods have the same name, I am forced to use the same roles for each, right?

    Thanks,
    Andy

  • #2
    Hi Andy, yes, you'll need to use the same configuration attributes for both signatures. I based our implementation on Spring's then transaction interceptor, so I'm not sure if it's a common requirement.

    I can't think of any reason why it wouldn't be theoretically possible to customise net.sf.acegisecurity.MethodDefinitionMap to do this, though. Or provide a new concrete MethodDefinitionSource implementation if you didn't want to modify MethodDefinitionMap.

    Comment

    Working...
    X