First i create target class called CostumerReport which has method named generatePerformance. So generatePerformance will be called as "targetMethod" by acegi, becouse its the method that will be invoked daily. Then i declare CostumerReport as costumerReport bean in applicationContexta.xml and i also inject SecurityFacade and other Service object.
Then costumerReport is wrapped inside MethodInvokingJobDetailFactoryBean by declaring targetMethod that will be invoked (obviously it is costumerReport.generateSalesPerformance), basically this is the easiest way to declare quartz job detail bean.
My last step is creating quartz trigger using simple trigger bean, and set the interval periode.
Im using commons-attributest to make easy configuration (rather than editing the xml). I belive this attributeSource (commons-attributes) couse inspection every time method being called, any kind of method which registered in applicationContext.xml.
Thats why every time quartz MethodInvokingJobDetailFactoryBean executed, security concern will check if theres any Authentication in SecureContext.
So the case was like this, CostumerReport automatically becoming secured object becouse MethodInvocationInterceptor using attributes commons-attributes. Even if i dont declare
@@net.sf.acegisecurity.SecurityConfig("ROLE_USER")
still acegi check if theres any AuthenticationObject every method invocation in every bean thats registered in applicationContext.xml
On 9/16/05, Andy Depue <[EMAIL PROTECTED]> wrote:
On Friday 16 September 2005 01:26 pm, Achmad Arif Rachim wrote:
> Hi andy,
>
> Im using your suggestion to use SecurityFacade. i found very interesting
> result, yes its working but not 100% well. Every successfull invocations
> theres periode where AuthenticationCredentialsNotFoundException thrown. I
> found every 16 successful invocation always have one failed down :(
>
> I think the problem becouse we can only invoke
> securityFacade.authenticateUser inside targetMethod. Im using
> methodSecurityInterceptor with commons-attributes, so it will intercept any
> kind of method before they were being called. the issue will be "how to
> intercept QUARTZ targetMethod before invoked" so i can call
> securityFacade.authenticateUser.
>
> Wish Ben can help me on this.
>
As I said, I'm not yet familiar with Quartz, but it sounds like it is calling
a target method on some object. If I understand your problem correctly, then
you are asking Quartz to invoke a target method that happens to be secured
(MethodSecurityInterceptor?) by Acegi. So, by the time you get "inside" your
target method, Acegi has already tried to authenticate the user. If this is
all true, then why not have Quartz call some other object that then calls
your target method? For example:
----
public class SomeOtherObject
{
private ActualObject actualSecuredObject;
private SecurityFacade securityFacade;
public void targetMethod(... args ....) {
securityFacade.authenticateUser(subsystemUserName, subsystemCredentials);
try {
actualSecuredObject.actualTargetMethod(... pass in args ...);
} finally {
securityFacade.unauthenticateUser();
}
}
public void setActualSecuredObject(ActualObject ao) { ... }
public ActualObject getActualSecuredObject() { ... }
public void setSecurityFacade(SecurityFacade sf) { ... }
public SecurityFacade getSecurityFacade() { ... }
}
----
You could instantiate this in Spring:
----
<bean id="quartzObject" class="...SomeOtherObject">
<property name="actualSecuredObject" ref="someSecuredObject"/>
<property name="securityFacade" ref="securityFacade"/>
</bean>
---
Now, just pass a reference to "quartzObject" to Quartz instead of
"someSecuredObject".
This is, of course, a very concrete example, but it could easily be made
generic by employing interfaces, JDK Proxy, or even Spring's AOP.
- Andy
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server.
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
