We definitely have seen people using Spring AOP with CXF, but I think
they've all used Spring configuration for setting up the endpoints and
stuff. That said, it should definitely be doable from API's since
all the spring config does is configure the same objects via the API.
CXF doesn't use proxies on the server side. Spring must be doing
something there.
Dan
On May 23, 2008, at 1:52 PM, Wolf, Chris (IT) wrote:
I tried using Spring's AOP support classes to implement service
authorization
code in my CXF service, for the reason of not cluttering up my service
code
with security code (and maybe will also add auditing/tracing). This
seems to be
to classic use-case for AOP.
Unfortunately, the AOP implementation appears to use dynamic proxy
techniques (instance of java.lang.reflect.Proxy) but
it also appears that CXF uses dynamic proxies for the service
implementation,
because if I break in the ServiceCallPointcut code, the targetClass
appears
to *also* be an instance of java.lang.reflect.Proxy, so maybe
there's an
issue using Spring AOP on dynamic proxies.
Has anyone tried using AOP techniques in CXF service code?
Thanks for any suggestions.
-Chris
[...]
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.handler.MessageContext;
org.springframework.aop.framework.ProxyFactory;
import org.springframework.aop.MethodBeforeAdvice;
import org.springframework.aop.support.StaticMethodMatcherPointcut;
static class ServiceCallPointcut extends
StaticMethodMatcherPointcut {
public boolean matches(Method m, Class targetClass) {
return (targetClass == this.getClass() &&
m.getName().matches("(add.*)|(delete.*)|(fetch.*)|(login.*)"));
}
}
static class AuthenticationChecker implements MethodBeforeAdvice {
public void before(Method m, Object[] args, Object target) throws
Throwable {
System.out.println("*** Calling " + m.getName());
// transport-portable MessageContext
MessageContext ctx =
((SecAdminImpl)target).context.getMessageContext();
// transport-specific request/response, cxf-specific property
names
HttpServletRequest request = (HttpServletRequest)
ctx.get(MessageContext.SERVLET_REQUEST);
HttpServletResponse response = (HttpServletResponse)
ctx.get(MessageContext.SERVLET_RESPONSE);
Cookie[] cookies = request.getCookies();
}
}
MyServiceImpl svc = new MyServiceImpl();
ProxyFactory factory = new ProxyFactory(svc);
factory.addAdvisor(new DefaultPointcutAdvisor(new
ServiceCallPointcut(),
new AuthenticationChecker()));
--------------------------------------------------------
NOTICE: If received in error, please destroy and notify sender.
Sender does not intend to waive confidentiality or privilege. Use of
this email is prohibited when received in error.
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
