Spring AOP 球衣
我希望我的 AOP 建议能够处理当前正在执行的 Jersey 资源的 HttpContext。 spring-annotations 示例提到用户可以获取请求并身份验证等,但是如何获取建议中上下文中的任何值呢?
目前我的资源定义如下:
@Singleton
@Path("/persist")
public class ContentResource {
@PUT
@Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
@Auth
public Content save(Content content){
//Do some thing with the data
}
}
方面的定义如下:
@Aspect
public class AuthorizeProcessor {
@Around(value="@annotation(package.Auth) and @annotation(auth)", argNames = "auth")
public Object authorize(ProceedingJoinPoint pjp, Auth auth) throws Throwable{
//How do I get the HttpContext here?
return pjp.proceed();
}
}
I would like my AOP advice to have a handle to the currently executing Jersey resource's HttpContext. The spring-annotations sample mentions that the user could get hold of the request and authenticate etc.,, but how does one get hold of any of the values in the Context in the advice?
Currently my resource definition looks like this:
@Singleton
@Path("/persist")
public class ContentResource {
@PUT
@Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
@Auth
public Content save(Content content){
//Do some thing with the data
}
}
And the aspect is defined so:
@Aspect
public class AuthorizeProcessor {
@Around(value="@annotation(package.Auth) and @annotation(auth)", argNames = "auth")
public Object authorize(ProceedingJoinPoint pjp, Auth auth) throws Throwable{
//How do I get the HttpContext here?
return pjp.proceed();
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
当然,这很可能为时已晚,但我通过在执行授权的服务前面实现 Servlet Filter 来完成您正在做的事情。这完全避免了对 AOP 的需要,并且它直接为您提供实际的 ServletRequest,而无需绕过系统来获取它。
讽刺的是,您帮助我回答的问题可能会对您有所帮助,如果你真的想要 AOP。
您可以向请求提供 Spring RequestContextFilter,然后访问 HttpServletRequest(而不是 HttpContext):
访问过滤器链中的代码:
Granted this is most likely too late, but I did what you are doing by implementing a Servlet Filter in front of the service that does the authorization. This avoids the need for AOP entirely, and it gives you the actual ServletRequest directly without working around the system to get it.
Ironically, the question that you helped me to answer would likely help you here, if you really wanted AOP.
You can supply the Spring RequestContextFilter to the request, and then access the
HttpServletRequest
(as opposed to theHttpContext
):Access code down the filter chain: