Support @Secured for @PayloadRoot methods [SWS-551]

[gregturn]

Stevo Slavić opened SWS-551 and commented

Currently when message dispatcher tries to invoke method of an @Endpoint, where method has been @Secured using Spring-AOP JDK dynamic proxy, IllegalArgumentException gets thrown (from MethodEndpoint's invoke) with message "object is not an instance of declaring class". Guess it has to do with fact that method is actually being invoked on a proxy implementing same interface as endpoint whilst it seems that instance of endpoint is expected. Haven't tried yet but I think that if CGLIB proxy was used that this should already work.

---

Affects: 1.5.7

Reference URL: http://forum.springsource.org/showthread.php?p=251127

Issue Links:

• SEC-1284 Support 'proxy-target-class' attribute for global-method-security element of security namespace

5 votes, 6 watchers

[gregturn]

Shaun Domingo commented

Hi Arjen,

Is there any way you can give any guidance/help around how to get around this problem, or if/when this will be fixed?

We really appreciate all the hard work that goes into this project.

Cheers,
Shaun

[gregturn]

Arjen Poutsma commented

Shaun, we'll take a look at this for 2.0.

[gregturn]

Arjen Poutsma commented

With the new @Endpoint programming model in 2.0, I can't seem to reproduce this.

If it still doesn't work for you, feel free to reopen and attach a testcase which illustrates the problem.

[gregturn]

Arjen Poutsma commented

Closing old issues