What is the ideal approach to secure a finder generated by ROO? I'd like to be able to add a #Secured annotation without a push-in refactor. Thanks.
You can modify your applicationContext-security.xml either providing AsssspectJ's <protect-pointcut /> as in documentation or protecting URL's with expression based syntax.
Related
I’m trying to understand how the Convention plugin determines when to do URL interpretation. In some REST Plug-in examples I see PrefixBasedActionMapper configured with ”/rest:rest,:struts” and it seems that Convention is only applied to the rest mapper and not the DefaultActionMapper. Is this correct? Either way, under what conditions does the Convention plugin kick in for requests?
I’ve been googling like a mad-man these last two days and can’t seem to find any explanation. Inspecting the plugin source didn't give any insights either.
They are different. Convention Plugin is not about URL/action mapping. It just search java classes and create action configs from them.
However, you can tell the plugin to search specific root packages using the property struts.convention.action.packages. e.g.
<constant name="struts.convention.action.packages" value="com.mycompany.myactions.myconvention.*"/>
I need to add a term to the URL's within a sub-directory of a website I'm working on to boost/enhance SEO. For example, http://www.domain.com/shop/product/ should go to http://www.domain.com/shop/product-SEO/ instead. I need to set this up in web.config and looked at examples on here but couldn't find anything similar. Any help?
The feature you are looking for is called URL Rewriting.
You should have a look at the following link, it will provide everything you need:
http://msdn.microsoft.com/en-us/library/ms972974.aspx
Colleagues,
In the spring security documentation I met following notion:
If you want to secure instances which are not created by Spring (using
the new operator, for example) then you need to use AspectJ.
Could anybody please show me workable example of such usage. The best case if this is done with help of static weaving.
Thank you in advance!
There is an Aspectj sample in the Spring Security codebase. It compiles against the spring-security-aspects module and then uses:
<global-method-security secured-annotations="enabled" mode="aspectj" />
to enable secured annotations. The code is very simple - it is really just a set of JUnit tests. If you take a look, you'll see that these include tests for both Spring-bean instances and instances created using the new operator.
If you want to know how spring-security-aspects works, check out the aspect source.
My requirement is to validate Class fields on the basis of external configuration file i.e xml. I dont want to use annotation as if I want to change some configuration, I will need to change class file which is not desirable. I assume this is implemented using Spring AOP, so there must be some namespace for external configuration in spring context xml file. Any help will be highly appreciated.
Check out the XML configuration section of the Hibernate Validator reference manual. It might work for your requirements.
I want to know why Annotations are preferred over XML in Struts2 Applications?
It's easier to refactor code with annotations than refactor code and then find out you broke your application because you forgot to change the XML file. This is more of a general answer than just for Struts 2, though.