1.0.0-RC1 MethodInvocation AOP problem
I am unable to use the AOP method interception via an AutoProxy. It seems whenever this code at line 288 in AbstractSecurityInterceptor
is called, it is always returning null, even though the method has been mapped with a role. I have included my mapping below. The acutal method invoked isCode:ConfigAttributeDefinition attr = this.obtainObjectDefinitionSource() .getAttributes(object);
However the method is never returned when invoked via an autoproxy. The bean is retreived from the providerFactory bean which simply checks that all providers implement the correct interface on intializiation. Can anyone give me a hand with this?Code:com.ata.adapter.datalex.DatalexAdapterImpl.searchRoundTrip
Spring definition
Code:<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <!-- Add all service provider adapter to this auto proxy creator. This will automagically add the acegi security method interceptor to every bean when requested from Spring --> <bean id="autoProxyCreator" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator"> <property name="interceptorNames"> <list><value>securityInterceptor</value></list> </property> <property name="beanNames"> <list><value>datalexAdapter</value></list> </property> </bean> <!-- This bean specifies which roles are authorized to execute which methods. --> <bean id="securityInterceptor" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> <!-- reject unauthorized invocations --> <property name="rejectPublicInvocations" value="true"/> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="objectDefinitionSource"> <!-- all implementing classes need public method security added--> <value> com.ata.adapter.datalex.DatalexAdapterImpl.search*=ROLE_SEARCH com.ata.adapter.datalex.DatalexStatelessAdapterImpl.price*=ROLE_PRICE com.ata.adapter.datalex.DatalexStatelessAdapterImpl.book*=ROLE_BOOK </value> </property> </bean> <!-- This bean specifies which roles are assigned to each user. This sets a user map from our WebServiceUserParser --> <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userMap"> <ref bean="userMapFactoryBean"/> </property> </bean> <!-- This bean specifies that a user can access the protected methods if they have any one of the roles specified in the objectDefinitionSource above. --> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="decisionVoters"> <list><ref bean="roleVoter"/></list> </property> </bean> <!-- The next three beans are boilerplate. They should be the same for nearly all applications. --> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list><ref bean="authenticationProvider"/></list> </property> </bean> <!-- Use a DAO provider This still uses UsernamePasswordAuthenticationToken, but requires a WSPasswordCallback as a credential so the password can be set into the callback for authentication during the message decryption in the additionalAuthenticationChecks method --> <bean id="authenticationProvider" class="com.ata.webservices.security.WebServiceSecurityDao"> <property name="userDetailsService" ref="userDetailsService"/> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/> <!-- UserMapLoader bean --> <bean id="userMapLoader" class="com.ata.webservices.security.properties.loader.UserMapLoaderImpl"> <property name="permissionsFile"><value>webservicesusers.properties</value></property> </bean> <!-- Work around bean for InMemoryDAOImpl --> <bean id="userMapFactoryBean" class="com.ata.webservices.security.properties.loader.UserMapFactoryLoader"> <property name="loader"><ref bean="userMapLoader"/></property> </bean> <!-- our listener that checks every 30 seconds for a new security file --> <bean id="scheduledTask" class="org.springframework.scheduling.timer.ScheduledTimerTask"> <!-- wait 10 seconds before starting repeated execution --> <property name="delay"><value>10000</value></property> <!-- run every 30 seconds --> <property name="period"><value>30000</value></property> <property name="timerTask"><ref bean="securityReloader"/></property> </bean> <!-- our actual time task --> <bean id="securityReloader" class="com.ata.webservices.security.properties.loader.UserPropertyReloader"> <property name="userDetailsService"><ref bean="userDetailsService"/></property> <property name="userMapLoader"><ref bean="userMapLoader"/></property> <property name="paranoid"><value>true</value></property> </bean> <!-- Our own web service implementations --> <bean id="flightBankWebService" class="com.ata.webservices.provider.ServiceProviderAdapter"> <!-- set the service provider factory --> <property name="providerFactory"> <ref bean="providerFactory"/> </property> <!-- set the dozer mappings --> <property name="mapper"> <ref bean="mapper"/> </property> </bean> <!-- Provider factory to grab a users business provider --> <bean id="providerFactory" class="com.ata.webservices.factory.ServiceProviderFactoryImpl"> <property name="userDetailsService"> <ref bean="userDetailsService"/> </property> <property name="adapters"> <map> <entry> <key><value>datalex</value></key> <ref bean="datalexAdapter"/> </entry> </map> </property> </bean> <bean id="datalexAdapter" class="com.ata.adapter.datalex.DatalexStatelessAdapterImpl"> <property name="factory"> <ref bean="storeFrontFactory"/> </property> </bean> <!-- datalex adapter config --> <bean id="storeFrontFactory" class="com.ata.adapter.datalex.factory.StoreFrontsFactory"> <property name="bookitProps"><value>FlightBankImpl.properties</value></property> </bean> <!-- dozer converter configuration --> <bean id="mapper" class="net.sf.dozer.util.mapping.DozerBeanMapper" singleton="true"> <property name="mappingFiles"> <list> <value>dozerMappings.xml</value> </list> </property> </bean> </beans>
