struts-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aleksandr-m <>
Subject [GitHub] struts issue #133: WW-4105 Considers config time class in actions chain
Date Sat, 22 Apr 2017 12:32:55 GMT
Github user aleksandr-m commented on the issue:
    You're mixing two very different topics together, security and `chain` configuration.
    > But I think using attribute class for both class name and bean name is not intuitive
    What do you mean by that? There is no *bean* name.
    > But by continuing includes/excludes approach, user has to manually concern about
run time of the action. 
    But it the same or maybe even much more tedious manual work for defining `bean` in **every**
action you want to *protect*.
    > I've done #118 before. It does not have fewer changes that adding bean attribute.
    It is not about the amount of changes, it is about separation of concerns. Configuration
for `chain` interceptor belongs to `chain` configuration.
    > Yes, but so we will have to add dependency of any possible java proxy creators like
Spring, cglib or etc to S2 core.
    Not necessarily. For example, it can be just delegated to the object factory at hand.
    Another possibility is to search for `getTarget` methods.
    Yet another is to compare action configuration `class` with the current instance `toString`
/ `getClass().toString`.

If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at or file a JIRA ticket
with INFRA.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message