Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 0A6F6200C5E for ; Sat, 22 Apr 2017 14:32:57 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 08C4D160B96; Sat, 22 Apr 2017 12:32:57 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 5085E160B93 for ; Sat, 22 Apr 2017 14:32:56 +0200 (CEST) Received: (qmail 2865 invoked by uid 500); 22 Apr 2017 12:32:55 -0000 Mailing-List: contact dev-help@struts.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Struts Developers List" Reply-To: "Struts Developers List" Delivered-To: mailing list dev@struts.apache.org Received: (qmail 2854 invoked by uid 99); 22 Apr 2017 12:32:55 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 22 Apr 2017 12:32:55 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 192C4E381C; Sat, 22 Apr 2017 12:32:55 +0000 (UTC) From: aleksandr-m To: dev@struts.apache.org Reply-To: dev@struts.apache.org References: In-Reply-To: Subject: [GitHub] struts issue #133: WW-4105 Considers config time class in actions chain Content-Type: text/plain Message-Id: <20170422123255.192C4E381C@git1-us-west.apache.org> Date: Sat, 22 Apr 2017 12:32:55 +0000 (UTC) archived-at: Sat, 22 Apr 2017 12:32:57 -0000 Github user aleksandr-m commented on the issue: https://github.com/apache/struts/pull/133 You're mixing two very different topics together, security and `chain` configuration. > But I think using attribute class for both class name and bean name is not intuitive too. What do you mean by that? There is no *bean* name. > But by continuing includes/excludes approach, user has to manually concern about run time of the action. But it the same or maybe even much more tedious manual work for defining `bean` in **every** action you want to *protect*. > I've done #118 before. It does not have fewer changes that adding bean attribute. It is not about the amount of changes, it is about separation of concerns. Configuration for `chain` interceptor belongs to `chain` configuration. > Yes, but so we will have to add dependency of any possible java proxy creators like Spring, cglib or etc to S2 core. Not necessarily. For example, it can be just delegated to the object factory at hand. Another possibility is to search for `getTarget` methods. Yet another is to compare action configuration `class` with the current instance `toString` / `getClass().toString`. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastructure@apache.org or file a JIRA ticket with INFRA. --- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org For additional commands, e-mail: dev-help@struts.apache.org