[errai-dev] interceptors

Erik Jan de Wit edewit at redhat.com
Tue Apr 30 13:15:18 EDT 2013


Hi Guys,

What I like in a lot of security frameworks is that one can secure method calls with a simple annotation. So my idea was that we could make something like @RequireAuthentication on the remote interface and that would not allow the call if nobody is logged in. We could develop something like this based on the InterceptedCall functionality, but because of the way InterceptedCall is setup there is no way to make another annotation behave like InterceptedCall. To make it a bit more clear i cannot define an annotation like this:

@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
@InterceptedCall(SecurityInterceptor.class)
public @interface RequireAuthentication {
}

and have the SecurityInterceptor invoked the only way I can do it is by annotating the methods with:

@InterceptedCall(SecurityInterceptor.class)

Why now have it more like the CDI interceptor api http://docs.oracle.com/javaee/6/api/javax/interceptor/InterceptorBinding.html

This gives me the ability to lousily couple the annotation with the interceptor are there reasons for the model that is implemented now? Can we change it so that it will be more flexible? Or shall we stick with how it's is now and extend the functionality to make it work with my example annotation?

Cheers,
	Erik Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/errai-dev/attachments/20130430/3d1c69d7/attachment.html 


More information about the errai-dev mailing list