Factory that creates Acegi protected objects

**droux** · Oct 4th, 2004, 08:56 AM

I have this sort of situation:

interface Users {
User getUserByID(String ID);
}

Anyone should be able to execute this method. The User object returned should however be protected by acegi.

In my UsersImpl I can not just do "return new UserImpl(ID)", since I can not intercept this.

I believe the correct path is to have something like this in UsersImpl:

return applicationContext.getBean("UserFactory").createUs er(ID);

I can then use ProxyFactoryBean to proxy the UserFactory interface, and add my Security definition as an interceptor.

But, referring to applicationContext from a POJO implementation feels wrong.

Can someone please get me on the right track?

**Ben Alex** · Oct 4th, 2004, 03:53 PM

The Acegi Security reference manual has an "Access Control List" section which discusses the various approaches to this problem, and the respective advantages and disadvantages of each. If you have any further questions after reading this section, please feel free to ask.

Thread: Factory that creates Acegi protected objects

Thread Tools

Display

Factory that creates Acegi protected objects

Similar Threads

Domain Models and Validation – An Architectural Discussion

XSD / XML Schema for spring-beans.dtd and/or appContext.xml

Question about bean factory usage

how business objects get user information stored by Acegi?

Remoting Factory Objects

Posting Permissions