sample code for domain object instance security interceptor?

**JongKim** · Dec 3rd, 2004, 09:00 AM

The documentation has an example of how to use MethodSecurityInterceptor to secure business beans that are obtained from Spring context via ProxyFactoryBean.

I would like to apply the same method-level security to the domain object instances returned from DAO layer (rather than obtained from Spring context as beans) and I don't see an example code for this.

I assume that I'll have to write an interceptor that programmatically (rather than declaratively) creates a proxy for each domain instance that needs to be secured and return the proxy to the consumer that is going to subsequently access the properties of the domain object.

I'm sure this is very common scenario, so is there any sample code for this that already exists?

Thanks
/Jong

**Ben Alex** · Dec 3rd, 2004, 02:59 PM

You can approach this any other way you would with Spring. Acegi Security is essentially just an AOP Alliance MethodInterceptor, so if you can wire one of those, you'll be fine. People sometimes use prototype beans for this purpose.

Alternatively, use the AspectJ integration which is a way of wiring instances with advices without needing to get them from the IoC container.

Thread: sample code for domain object instance security interceptor?

Thread Tools

Display

sample code for domain object instance security interceptor?

Similar Threads

Domain Models and Validation – An Architectural Discussion

Spring container fails with no exception

EHCaching Hibernate

Loosing my SecureContext

Stack Overflow

Posting Permissions