Apache Shiro + Guice - can't get the annotations to work

Question

So I was able to get Apache Shiro working with Guice (thanks to ShiroWebModule) on Vaadin. The Shiro annotations (@RequiresAuthentication, @RequiresPermission) work only on the main Vaadin Application class and inside custom classes. They don't work inside CustomComponent/Window classes.

I tried injecting the Window classes to the Application class with providers, through injector.getInstance and it still doesn't work...

I am new to Guice and Shiro, so maybe I am missing something?

Why does it work for other custom classes? This works as expected (throws exception)

public class TestClassImpl implements TestClass {

    @Override

    public void doSomeWork() {
        //this will throw an exception as expected
        test();
    }

    @RequiresAuthentication

    public void test() {

    }
}

This doesn't work as expected (the method is executed, the Apache Shiro annotation is ignored):

  public class LoginView extends CustomComponent {

    public LoginWindow() {
        setCompositionRoot(mainLayout);
        //this will execture but it should not
        test();
    }

    @RequiresAuthentication

    public void test() {

    }
}

Answer 1

Using Annotations like this at runtime usually involves AOP.

With Spring AOP, you cannot intercept calls to self : this is because Spring AOP generates proxy classes, and the interception happens on those proxies -> it can't intercept calls to self.

I suspect Guice AOP works in the same way.

NB: One of the differences between TestClass/Impl and LoginView is that TestClass implements an Interface; it might be the case that Guice treats Interface proxies and "normal class" proxies differently - I'd try changing the TestClass to extend an abstract class, and see what happens there.