airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <thejaka.am...@gmail.com>
Subject Re: Enforcing cross cutting aspects on Thrift API calls with Guice AOP framework
Date Wed, 22 Jul 2015 16:53:08 GMT
Just curious;
How do Guice intercept Thrift calls ?

-AJ

On Mon, Jul 20, 2015 at 11:20 AM, Hasini Gunasinghe <hasi7786@gmail.com>
wrote:

> Hi Marlon,
>
> On Mon, Jul 20, 2015 at 8:58 AM, Pierce, Marlon <marpierc@iu.edu> wrote:
>
>>  Thanks, Hasini. This is an interesting point. Compared to Web services
>> implementations in the past, we have lost in Thrift the notions of headers
>> and message contexts.  Thinking beyond security aspects, do you see other
>> applications for Guice in the Thrift server?
>>
>
> Method interception capability of Guice can be used to apply any other
> cross cutting concerns on the thrift API method calls such as
> logging/monitoring, throttling, common data validation logic applied to a
> group of methods etc.
>
> In addition to the method interception capability, it provides certain
> other features such as dependency injection etc, which I have not looked
> into details.
>
> Thanks,
> Hasini.
>
> Marlon
>>
>>
>>   From: Hasini Gunasinghe <hasi7786@gmail.com>
>> Reply-To: dev <dev@airavata.apache.org>
>> Date: Sunday, July 19, 2015 at 1:10 PM
>> To: dev <dev@airavata.apache.org>
>> Subject: Enforcing cross cutting aspects on Thrift API calls with Guice
>> AOP framework
>>
>>   Hi Devs,
>>
>>  Just wanted to inform that Guice [1] (an aspect oriented programming
>> framework provided by Google and released under Apache 2.0 license) can be
>> used to enforce cross cutting aspects such as security, logging etc,
>> without embedding the code related to such aspects within the API methods
>> themselves.
>>
>>  Since Thrift doesn't support interception of Thrift service calls,
>> earlier, the security enforcement was applied as the first line of
>> execution in each API call, which I felt is not a clean way of doing that.
>> With the support of Guice (about which I got to know from a recent
>> discussion in thrift mailing list), security enforcement could be moved to
>> a separate interceptor and is enforced on each method only by an annotation.
>>
>>  Hope the same mechanism could be used to enforce any other cross
>> cutting aspects on the airavata thrift API calls.
>>
>>  This change is implemented in the pull request[2], along with API
>> method changes related to security.
>>
>>  Thanks,
>> Hasini.
>>
>>  [1]
>> https://github.com/google/guice/wiki/AOP#example-forbidding-method-calls-on-weekends
>> [2] https://github.com/apache/airavata/pull/23
>>
>
>

Mime
View raw message