AspectJSecurityInterceptor xref

View Javadoc

1   /* Copyright 2004 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.intercept.method.aspectj;
17  
18  import org.acegisecurity.intercept.AbstractSecurityInterceptor;
19  import org.acegisecurity.intercept.InterceptorStatusToken;
20  import org.acegisecurity.intercept.ObjectDefinitionSource;
21  import org.acegisecurity.intercept.method.MethodDefinitionSource;
22  
23  import org.aspectj.lang.JoinPoint;
24  
25  
26  /***
27   * Provides security interception of AspectJ method invocations.
28   * 
29   * <p>
30   * The <code>ObjectDefinitionSource</code> required by this security
31   * interceptor is of type {@link MethodDefinitionSource}. This is shared with
32   * the AOP Alliance based security interceptor
33   * (<code>MethodSecurityInterceptor</code>),  since both work with Java
34   * <code>Method</code>s.
35   * </p>
36   * 
37   * <p>
38   * The secure object type is <code>org.aspectj.lang.JoinPoint</code>, which is
39   * passed from the relevant <code>around()</code> advice. The
40   * <code>around()</code> advice also passes an anonymous implementation of
41   * {@link AspectJCallback} which contains the call for AspectJ to continue
42   * processing:  <code>return proceed();</code>.
43   * </p>
44   * 
45   * <P>
46   * Refer to {@link AbstractSecurityInterceptor} for details on the workflow.
47   * </p>
48   *
49   * @author Ben Alex
50   * @version $Id: AspectJSecurityInterceptor.java,v 1.3 2005/11/17 00:56:48 benalex Exp $
51   */
52  public class AspectJSecurityInterceptor extends AbstractSecurityInterceptor {
53      //~ Instance fields ========================================================
54  
55      private MethodDefinitionSource objectDefinitionSource;
56  
57      //~ Methods ================================================================
58  
59      public void setObjectDefinitionSource(MethodDefinitionSource newSource) {
60          this.objectDefinitionSource = newSource;
61      }
62  
63      public MethodDefinitionSource getObjectDefinitionSource() {
64          return this.objectDefinitionSource;
65      }
66  
67      public Class getSecureObjectClass() {
68          return JoinPoint.class;
69      }
70  
71      /***
72       * This method should be used to enforce security on a
73       * <code>JoinPoint</code>.
74       *
75       * @param jp The AspectJ joint point being invoked which requires a
76       *        security decision
77       * @param advisorProceed the advice-defined anonymous class that implements
78       *        <code>AspectJCallback</code> containing a simple <code>return
79       *        proceed();</code> statement
80       *
81       * @return The returned value from the method invocation
82       */
83      public Object invoke(JoinPoint jp, AspectJCallback advisorProceed) {
84          Object result = null;
85          InterceptorStatusToken token = super.beforeInvocation(jp);
86  
87          try {
88              result = advisorProceed.proceedWithObject();
89          } finally {
90              result = super.afterInvocation(token, result);
91          }
92  
93          return result;
94      }
95  
96      public ObjectDefinitionSource obtainObjectDefinitionSource() {
97          return this.objectDefinitionSource;
98      }
99  }