airavata-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pierce, Marlon" <marpi...@iu.edu>
Subject Re: Enforcing cross cutting aspects on Thrift API calls with Guice AOP framework
Date Mon, 20 Jul 2015 12:58:20 GMT
Thanks, Hasini. This is an interesting point. Compared to Web services implementations in the
past, we have lost in Thrift the notions of headers and message contexts.  Thinking beyond
security aspects, do you see other applications for Guice in the Thrift server?

Marlon


From: Hasini Gunasinghe <hasi7786@gmail.com<mailto:hasi7786@gmail.com>>
Reply-To: dev <dev@airavata.apache.org<mailto:dev@airavata.apache.org>>
Date: Sunday, July 19, 2015 at 1:10 PM
To: dev <dev@airavata.apache.org<mailto:dev@airavata.apache.org>>
Subject: Enforcing cross cutting aspects on Thrift API calls with Guice AOP framework

Hi Devs,

Just wanted to inform that Guice [1] (an aspect oriented programming framework provided by
Google and released under Apache 2.0 license) can be used to enforce cross cutting aspects
such as security, logging etc, without embedding the code related to such aspects within the
API methods themselves.

Since Thrift doesn't support interception of Thrift service calls, earlier, the security enforcement
was applied as the first line of execution in each API call, which I felt is not a clean way
of doing that.
With the support of Guice (about which I got to know from a recent discussion in thrift mailing
list), security enforcement could be moved to a separate interceptor and is enforced on each
method only by an annotation.

Hope the same mechanism could be used to enforce any other cross cutting aspects on the airavata
thrift API calls.

This change is implemented in the pull request[2], along with API method changes related to
security.

Thanks,
Hasini.

[1] https://github.com/google/guice/wiki/AOP#example-forbidding-method-calls-on-weekends
[2] https://github.com/apache/airavata/pull/23

Mime
View raw message