Adding OAuth breaks existing AOP pointcut??

[Akumadevil]

We have an application that uses the following (pseudo code) pointcut:

Code:

<aop:config>
   <aop:aspect id="myAspect" ref="myFilter">
   <aop:pointcut id="myPointcut" expression="..."/>
   <aop:around method="filter" pointcut-ref="myPointcut" />
   </aop:aspect>
</aop:config>
    
<aop:aspectj-autoproxy />

We then added OAuth with the following:

Code:

<security:authentication-provider user-service-ref="myDetailsService" />
<oauth:provider consumer-details-service-ref="myDetailsService" token-services-ref="myToken" />
<oauth:token-services id="myToken" />

After adding the OAuth configuration the pointcut no longer works. If I remove the <oauth: provider ... /> tag it works again.

Any ideas? AOP is a pain to debug!

[Dave Syer]

<oauth:provider/> changes the Spring Security FilterChain, but it shouldn't modify any of your application beans Without knowing the pointcut we probably aren't going to make much progress.

[Akumadevil]

Here's the pointcut expression:

Code:

<aop:config >
   <aop:aspect id="myAspect" ref="myFilter">
      <aop:pointcut id="myPointcut" 
         expression="((execution(public * com.foo.*.*Service.find*(..)) || 
         execution(public * com.foo.*.*.*Service.find*(..))) and 
         !(execution(public * com.foo.*.*Service.findUnsecured*(..)) ||
         execution(public * com.foo.*.*.*Service.findUnsecured*(..))))"/>
      <aop:around method="filter" pointcut-ref="myPointcut" />
   </aop:aspect>
</aop:config>

The method being called is companyService.findById(xxx) and the aspect class has the standard method public Object filter(final ProceedingJoinPoint joinPoint).

[Akumadevil]

Additional information: We are using org.springframework 2.5.6.SEC02 with org.codehaus.spring-security-oauth 3.19

[Dave Syer]

I can't really offer much advice on old versions of spring-security-oauth, so if it is doing something crazy you might have to upgrade. It's really a bit of a mystery to me how it could have affected your AOP features though, and I suspect there is something else going on.

[Akumadevil]

Disclaimer: At this point in time we don't have the time or resources to update to Spring Security 3, which requires Spring 3...

It turned out that the org.springframework.security.oauth.provider.token. OAuthTokenLifecycleRegistryPostProcessor that implemented the BeanPostProcessor interface is somehow breaking our aspectj weaved beans. The fix was to modify this to implement the ApplicationListener interface instead.

This post was made by someone with a similar problem: http://groups.google.com/group/eurek...1b7cf8fb?pli=1

Fixed code:

Code:

package org.springframework.security.oauth.provider.token;

import org.springframework.beans.factory.BeanFactoryUtils;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;

import java.util.Map;

/**
 * Bean post-processor that ensures all lifecycle listener beans are registered
 * with all lifecycle registries.
 * 
 * @author Ryan Heaton
 */
public class OAuthTokenLifecycleRegistryPostProcessor
    implements ApplicationListener {

    @Override
    public void onApplicationEvent(ApplicationEvent event) {

        if (event instanceof ContextRefreshedEvent) {
            ContextRefreshedEvent contextEvent = (ContextRefreshedEvent) event;

            Map<String, OAuthTokenLifecycleRegistry> registryBeans =
                BeanFactoryUtils.beansOfTypeIncludingAncestors(
                    contextEvent.getApplicationContext(),
                    OAuthTokenLifecycleRegistry.class);
            Map<String, OAuthTokenLifecycleListener> listenerBeans =
                BeanFactoryUtils.beansOfTypeIncludingAncestors(
                    contextEvent.getApplicationContext(),
                    OAuthTokenLifecycleListener.class);
            for (OAuthTokenLifecycleRegistry registry : registryBeans.values()) {
                for (OAuthTokenLifecycleListener listener : listenerBeans.values()) {
                    registry.register(listener);
                }
            }
        }
    }
}