I can do
public class GetFoo implements Action<GetFooResult> {
private String id;
private AuthToken authToken;
public GetFoo( String id , AuthToken authToken) {
this.id = id;
this.authToken = authToken;
}
... etc.
Since I have to do this in every Action, I'd rather put this sort of
thing in an abstract superclass for all Actions, for easier
maintainability etc. I'd appreciate some pointers on how best to do
this? Is there some way I can define the parent class so that when
instantiating the child, I'm _forced_ to make sure that the AuthToken
is set etc.
Thanks and regards
Ravi
1) Make your class abstract
2) Ensure you provide the constructor which takes both id and auth
token; all derived classes will be required to provide the same
constructor.
3) Annotate the id and authToken members with @NonNull (from Findbugs)
I use the above solution and it works perfectly. I called my
superclass SecureAction<Result>...
I am currently only using published artifacts for dispatch and
presenter.
After reading your post I have reviewed the trunk and can see your
secure dispatch service work, very nice! Any idea on when the next
release of Dispatch will be made?
The other problem I'm facing is that I haven't really used generics in
any non-trivial way (other than in parameterizing Collections and
Maps), so am trying to wrap my mind around the whole how-to-abstractly-
implement-interfaces-which-take-type-parameters and then extend-the-
abstract-class sort of stuff. Am stuck at the moment, but am sure I
can figure things out with a little bit of time, which unfortunately I
don't have too much of!
Anyway, I'll post back on this thread if I'm really marooned, maybe
with code snippets that you guys can make sense of.
Thanks again,
Ravi
Thanks
Ravi
David
Assuming that's correct, what is the next step if you want to use this
to get users to log in? Should I use the ExceptionHandler to check for
InvalidSessionException and redirect to the login page from there? Or
create my own SecureDispatchAsync class that redirects?
Another question: what is a good way to secure only some actions? The
obvious one is the login, which I don't want to secure. I saw mention
on TurboManage that a @Secure annotation might be a good idea.
Also, let me know if I'm not using correct terminology. I'm a
seasoned .NET developer cutting his teeth on Java in general.
Hope that helps.
David
@Override
public Result execute(String sessionId, Action<?> action) throws
ActionException,
ServiceException {
if ( anonymousActions.contains(action) ) {
return getDispatch( ).execute( action );
}
return super.execute(sessionId, action);
}
Where anonymousActions is a registry of actions that don't require
authentication.
This feels very much like I'm working around the framework instead of
with it though.