So, my latest brainstorm is to modify my web service structure to take
advantage of AOP point cuts. But, I would like some opinions as to the
wisdom of doing this (is this the best approach). My plan is to wire in
an "around advice" that would strip out the authentication tokens
(stuff like user Id, password, session Id), authenticate it and, if it
all passes, modify the parameter list to include the passed-in parm list
(minus the authentication tokens), and let the service class method
execute. My thinking is that it will reduce coding every service
operation/method to check the credentials.
But, before heading down that road, I wonder if anyone here has done
this. I'm concerned if it will execute the point cut before it tries to
perform the Aegis databinding or in any other way interfer with the
jaxws jaxb operations.
Thanks for any tips you can give.
Ron Grimes
