Archive for the ‘acegi’ Category
Howto use acegi-security and the @Secured annotation for method interception
Friday, July 4th, 2008
Posted in: J2EE, System architecture, acegi, java, spring.
Acegi-security (now spring-security) provides a @Secured (org.acegisecurity.annotation.Secured) annotation.
Classes using this annotation can be processed by a suitable BeanPostProcessor, which will proxy the class so that calls to @Secured methods are intercepted and the required authentication is validated against the acegi security context. Note that the following is a configuration for acegi-security, things might be different with spring-security.
2008-07-12: Comment: It is indeed a lot simpler using spring-security, as Craig Walls demonstrates in this posting in his blog “Spring-Loaded”).
In order to activate the post processing for the @Secured annotations, a spring configuration such as the following is required:
Read the rest of “Howto use acegi-security and the @Secured annotation for method interception”