Thanks to everybody who replied to my original post. I am currently using spring/acegi and it's working great - as long as you use Spring to create your beans:
// Spring - works like a charm: security via acegi and transactions via proxies this.entityManager = (IEntityManager)getBean(SpringBean.MANAGER_ENTITY); // standard java: will never work and AOP isn't an option either, since Spring is bypassed and thus any declarative enhancements are non-functional this.entityManager = new EntityManager(); I guess I'll just document, that all my classes are Spring-managed and pray that a) somebody will actually read the documentation and b) prospective users of my API will know about Spring. Regards, Tom Laurie Harper wrote: > Paul Benedict wrote: >> Spring can give you method-level security if you're interested in it. >> >> http://acegisecurity.org/ >> >> It will use AOP to proxy your classes and make sure any thread has the >> proper credentials to >> access your code. > > And that's how to re-invent the wheel in chrome ;-) Seriously, Paul's > right, this is a great application of AOP. Acegi's strength here is that > it has a lot more power and flexibility than Java's built-in security > model. > > L. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]