Spring AOP 球衣

发布于 2024-12-16 01:54:10 字数 1102 浏览 0 评论 0原文

我希望我的 AOP 建议能够处理当前正在执行的 Jersey 资源的 HttpContext。 spring-annotations 示例提到用户可以获取请求并身份验证等,但是如何获取建议中上下文中的任何值呢?

目前我的资源定义如下:

    @Singleton
    @Path("/persist")
    public class ContentResource {

        @PUT
        @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
        @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
        @Auth
        public Content save(Content content){
           //Do some thing with the data
        }
    }

方面的定义如下:

    @Aspect
    public class AuthorizeProcessor {

        @Around(value="@annotation(package.Auth) and @annotation(auth)", argNames = "auth")
        public Object authorize(ProceedingJoinPoint pjp, Auth auth) throws Throwable{
            //How do I get the HttpContext here?
            return pjp.proceed();
        }
    }

I would like my AOP advice to have a handle to the currently executing Jersey resource's HttpContext. The spring-annotations sample mentions that the user could get hold of the request and authenticate etc.,, but how does one get hold of any of the values in the Context in the advice?

Currently my resource definition looks like this:

    @Singleton
    @Path("/persist")
    public class ContentResource {

        @PUT
        @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
        @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
        @Auth
        public Content save(Content content){
           //Do some thing with the data
        }
    }

And the aspect is defined so:

    @Aspect
    public class AuthorizeProcessor {

        @Around(value="@annotation(package.Auth) and @annotation(auth)", argNames = "auth")
        public Object authorize(ProceedingJoinPoint pjp, Auth auth) throws Throwable{
            //How do I get the HttpContext here?
            return pjp.proceed();
        }
    }

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

jJeQQOZ5 2024-12-23 01:54:10

当然,这很可能为时已晚,但我通过在执行授权的服务前面实现 Servlet Filter 来完成您正在做的事情。这完全避免了对 AOP 的需要,并且它直接为您提供实际的 ServletRequest,而无需绕过系统来获取它。

讽刺的是,您帮助我回答的问题可能会对您有所帮助,如果你真的想要 AOP。

您可以向请求提供 Spring RequestContextFilter,然后访问 HttpServletRequest(而不是 HttpContext):

<filter>
    <filter-name>requestContextFilter</filter-name>
    <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>requestContextFilter</filter-name>
    <url-pattern>/path/to/services/*</url-pattern>
</filter-mapping>

访问过滤器链中的代码:

/**
 * Get the current {@link HttpServletRequest} [hopefully] being made
 * containing the {@link HttpServletRequest#getAttribute(String) attribute}.
 * @return Never {@code null}.
 * @throws NullPointerException if the Servlet Filter for the {@link
 *                              RequestContextHolder} is not setup
 *                              appropriately.
 * @see org.springframework.web.filter.RequestContextFilter
 */
protected HttpServletRequest getRequest()
{
    // get the request from the Spring Context Holder (this is done for
    //  every request by a filter)
    ServletRequestAttributes attributes =
        (ServletRequestAttributes)RequestContextHolder.getRequestAttributes();

    return attributes.getRequest();
}

Granted this is most likely too late, but I did what you are doing by implementing a Servlet Filter in front of the service that does the authorization. This avoids the need for AOP entirely, and it gives you the actual ServletRequest directly without working around the system to get it.

Ironically, the question that you helped me to answer would likely help you here, if you really wanted AOP.

You can supply the Spring RequestContextFilter to the request, and then access the HttpServletRequest (as opposed to the HttpContext):

<filter>
    <filter-name>requestContextFilter</filter-name>
    <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>requestContextFilter</filter-name>
    <url-pattern>/path/to/services/*</url-pattern>
</filter-mapping>

Access code down the filter chain:

/**
 * Get the current {@link HttpServletRequest} [hopefully] being made
 * containing the {@link HttpServletRequest#getAttribute(String) attribute}.
 * @return Never {@code null}.
 * @throws NullPointerException if the Servlet Filter for the {@link
 *                              RequestContextHolder} is not setup
 *                              appropriately.
 * @see org.springframework.web.filter.RequestContextFilter
 */
protected HttpServletRequest getRequest()
{
    // get the request from the Spring Context Holder (this is done for
    //  every request by a filter)
    ServletRequestAttributes attributes =
        (ServletRequestAttributes)RequestContextHolder.getRequestAttributes();

    return attributes.getRequest();
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文