Intercept Flex request before calling to Java method?

[SpringFlexUser]

Can I intercept the request coming from Flex client before it calls the any java method ?

Thanks in advance

[jeremyg484]

You can, with a MessageInterceptor:
http://static.springsource.org/sprin...l/ch02s09.html

[SpringFlexUser]

Thanks for the reply.

But what if I am not using Spring Flex integration jar, I am using simple Spring with LCDS. I think here we are using AOP.

Sorry, if I am wrong, I am new to Spring.

[jeremyg484]

Ahh, I see...well that really all depends on what sort of processing you're trying to do at the interception point.

[SpringFlexUser]

Can you tell what is the benefit of MessageInterceptor over MethodInterceptor ?
Currently we are using AOP for logging so we think we can achieve same using AOP

[jeremyg484]

The main benefit is that it's an out-of-the-box hook provided at a well-defined point that doesn't require writing a pointcut expression, etc. Plus, if you wanted to hook into the AMF processing chain at the level we do on your own with AOP, it's a fair bit more difficult than just applying AOP advice to a typical Spring bean.

[vlad2005]

I have an similar situation: Flex with LCDS 2.6 and hibernate.
I want to impose some security conditions for each entity so, some users can only select data, others have full access to CRUD operations and so. LCDS don't have an mechanism to do that, so my only hope it's to use spring.
I don't think that using methodInterceptor is an solution, because LCDS execute same operations like "fill", "createItem", "deleteItem", "updateItem".., for each entity, so it's difficult to see how apply security restrictions for different entity's.
Much easier would be a solution in which to use annotations in hibernate classes. Any idea? It's possible?

[jeremyg484]

Well, on the server-side, those methods are actually being called on an LCDS Assembler, right? If those Assemblers were Spring managed, you could potentially use Spring Security to apply permissions to the methods. Once we add support for the Data Management service, it seems this would be simple...that support is not there yet though. We will keep this in mind as a requirement.

[vlad2005]

Yes you are right. For my particular situation using HibernateAssembler. But, as I said above, are invoked the same method for each entity ( createItem, deleteItem ..). Only difference it's destinations.
So, an solution is to manage destinations in spring, like proceed with blaze integration, and then applying restrictions for each destination and each method belonging to that destination.
For me is an serious security problem. Because i have an application with many relations between entity's, "Users" entity need to be accessed by various users with different access levels. I can't protect entity with what offer lcds 2.6.
In lcds 3, i see some interesting options, but is very expensive for moment, and need to make many changes in my application. I don't like that for moment.
So, is any solution for the near future?