pre-post-annotations and PropertyConfigurer. Schema too strict?

[magiconair]

Hi,

I would like to configure the pre-post-annotations via a property like this

Code:

<security:global-method-security pre-post-annotations="${security.annotations}"/>

using security.annotations=enabled

However, I'm getting the following error:

Code:

Offending resource: class path resource resteasy-test-server.xml; nested exception is org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 24 in XML document from class path resource resteasy-service-servlet.xml is invalid; nested exception is org.xml.sax.SAXParseException: cvc-enumeration-valid: Value '${security.annotations}' is not facet-valid with respect to enumeration '[disabled, enabled]'. It must be a value from the enumeration.

The motivation is to disable the security for testing. For my tests I'm including my regular appContext.xml files and having the above configuration once with enabled and once with disabled doesn't work.

Frank

[Rob Winch]

You might consider adding an enhancement request to JIRA. In the meantime, you could disable security by writing a SecurityExpressionHandler that wraps the current one and can be disabled use a boolean property.

[pmularien]

Looking at the source, I think this doesn't work because these properties don't get set directly on a BeanDefinitionSource. Let us know if you want help filing a JIRA, as Rob said, this is an enhancement that Luke has applied to most other areas of the config where attributes directly translate to beans, but in this area it'll require some more work (I think).

[skram]

How about considering bean profiles (available with Spring 3.1. M1) where you can have a bean for dev and another one for production. It might not fit exactly on what you really want but it may provide an alternative solution.

See http://blog.springsource.com/2011/02...ucing-profile/

[wims.tijd]

i ran into this issue when i tried to use "method-security" enable=''${..}'',
it would be great if we would be able to do so