CODEWITHSUNDEEP
javaspringaopaspectjspring-aop
Mr. Mak
Mr. Mak

Reputation: 867

AOP vs Spring Security

What the difference between these below...

@org.aspectj.lang.annotation.Aspect
public class Test {
   //@Pointcut, @Around etc etc..
}

And

public aspect Test {

}

And what is the better to use for security among..

in spring app

Upvotes: 4

Views: 2581

Answers (3)

kriegaex
kriegaex

Reputation: 67297

The first one is annotation-style syntax and can be used by both Spring AOP and pure AspectJ, the second one is native AspectJ syntax and only works in pure AspectJ, not in proxy-based Spring AOP. But pure AspectJ (compiled by AspectJ compiler) can also be incorporated into Spring projects as described in the Spring manual, chapter Using AspectJ with Spring applications.

As for which approach is better suited for implementing security, this is kind of a philosophical question as long as you do not describe your use case in detail, but my general suggestion is: If you use the Spring framework anyway, also use its security mechanisms. If you only consider using Spring because you want to use Spring AOP, I would rather advise you to stay away from a big framework used for a single purpose only and use pure AspectJ in your POJO application for implementing security.

Upvotes: 2

Amanuel Nega
Amanuel Nega

Reputation: 1977

Check here

Aspect declarations are supported by the org.aspectj.lang.annotation.Aspect annotation. The declaration:

 @Aspect
 public class Foo {}

Is equivalent to:

 public aspect Foo {}

NOTE: The first one is detected by spring. The later requires AspectJ.

And for the second question. The comparison is impossible. Because the first one is a framework and the later is a paradigm. Spring security uses AOP to secure method calls, AOP by itself is not a security mechanism. Unless of course, you are going to build your own security using AOP, which is re-inventing the wheel.

Upvotes: 10

Naresh Joshi
Naresh Joshi

Reputation: 4547

Marking your class Test with @Aspect annotation will make your class an Aspect, means Spring's ApplicationContext or BeanFactory will now read and scan your class to find advices, pointcuts, joinpoints, you can define your extra cross-cutting functinality (functionality which you keep separate from your business logic) which you want to get executed for some event like before a method call, after a method call, after method throw an exception etc.

AOP (Aspect-oriented programming) is design pattern which spring follows to provide you cross-cutting functionality while Spring Security is a part of complete spring framework, which you can use to secure your application

Spring Security internally uses AOP and Filters to do its work.

Upvotes: 2

Related Questions