You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@deltaspike.apache.org by "Arne Limburg (JIRA)" <ji...@apache.org> on 2012/12/19 21:49:12 UTC

[jira] [Resolved] (DELTASPIKE-298) Post-Method-Authorizer

     [ https://issues.apache.org/jira/browse/DELTASPIKE-298?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Arne Limburg resolved DELTASPIKE-298.
-------------------------------------

       Resolution: Fixed
    Fix Version/s: 0.4-incubating

Implemented using @SecuredReturn
                
> Post-Method-Authorizer
> ----------------------
>
>                 Key: DELTASPIKE-298
>                 URL: https://issues.apache.org/jira/browse/DELTASPIKE-298
>             Project: DeltaSpike
>          Issue Type: Improvement
>          Components: Security-Module
>    Affects Versions: 0.3-incubating
>            Reporter: Arne Limburg
>            Assignee: Arne Limburg
>             Fix For: 0.4-incubating
>
>
> Our current security interceptor allows security checks before the method invocation. Sometimes it is desirable to check the result of a method invocation, then throw a SecurityException and cause the transaction to be rolled back.
> I propose to introduce the annotation @Result as a parameter annotation of our @Secures methods. If the annotation is present at one parameter of the method, the check will be done AFTER the invocation of the business method and can check the result of the invocation.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira