airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hasini Gunasinghe <hasi7...@gmail.com>
Subject Re: Enforcing cross cutting aspects on Thrift API calls with Guice AOP framework
Date Thu, 23 Jul 2015 15:46:24 GMT
Hi Amila,

Let me quote the answer to your question from Guice documentation at [1].

"Behind the scenes, method interception is implemented by generating
bytecode at runtime. Guice dynamically creates a subclass that applies
interceptors by overriding methods."

Thanks & Best Regards,
Hasini.

[1] https://github.com/google/guice/wiki/AOP

On Wed, Jul 22, 2015 at 12:53 PM, Amila Jayasekara <thejaka.amila@gmail.com>
wrote:

> Just curious;
> How do Guice intercept Thrift calls ?
>
> -AJ
>
> On Mon, Jul 20, 2015 at 11:20 AM, Hasini Gunasinghe <hasi7786@gmail.com>
> wrote:
>
>> Hi Marlon,
>>
>> On Mon, Jul 20, 2015 at 8:58 AM, Pierce, Marlon <marpierc@iu.edu> wrote:
>>
>>>  Thanks, Hasini. This is an interesting point. Compared to Web services
>>> implementations in the past, we have lost in Thrift the notions of headers
>>> and message contexts.  Thinking beyond security aspects, do you see other
>>> applications for Guice in the Thrift server?
>>>
>>
>> Method interception capability of Guice can be used to apply any other
>> cross cutting concerns on the thrift API method calls such as
>> logging/monitoring, throttling, common data validation logic applied to a
>> group of methods etc.
>>
>> In addition to the method interception capability, it provides certain
>> other features such as dependency injection etc, which I have not looked
>> into details.
>>
>> Thanks,
>> Hasini.
>>
>> Marlon
>>>
>>>
>>>   From: Hasini Gunasinghe <hasi7786@gmail.com>
>>> Reply-To: dev <dev@airavata.apache.org>
>>> Date: Sunday, July 19, 2015 at 1:10 PM
>>> To: dev <dev@airavata.apache.org>
>>> Subject: Enforcing cross cutting aspects on Thrift API calls with Guice
>>> AOP framework
>>>
>>>   Hi Devs,
>>>
>>>  Just wanted to inform that Guice [1] (an aspect oriented programming
>>> framework provided by Google and released under Apache 2.0 license) can be
>>> used to enforce cross cutting aspects such as security, logging etc,
>>> without embedding the code related to such aspects within the API methods
>>> themselves.
>>>
>>>  Since Thrift doesn't support interception of Thrift service calls,
>>> earlier, the security enforcement was applied as the first line of
>>> execution in each API call, which I felt is not a clean way of doing that.
>>> With the support of Guice (about which I got to know from a recent
>>> discussion in thrift mailing list), security enforcement could be moved to
>>> a separate interceptor and is enforced on each method only by an annotation.
>>>
>>>  Hope the same mechanism could be used to enforce any other cross
>>> cutting aspects on the airavata thrift API calls.
>>>
>>>  This change is implemented in the pull request[2], along with API
>>> method changes related to security.
>>>
>>>  Thanks,
>>> Hasini.
>>>
>>>  [1]
>>> https://github.com/google/guice/wiki/AOP#example-forbidding-method-calls-on-weekends
>>> [2] https://github.com/apache/airavata/pull/23
>>>
>>
>>
>

Mime
View raw message