Spring ACL using JPA but ACL impl is JDBC. Two ways

Question

I have a dilema. I am using spring-security-acl and their jdbc implementation. Problem is, that I use JPA repository (Spring-data-jpa) in other queries. I think, that is no problem because JPA is implemented:

<jpa:repositories base-package="cz.repository" />

  <beans:bean id="myEmf"
      class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
      <beans:property name="dataSource" ref="dataSource" />
      <beans:property name="packagesToScan" value="cz.models" />
      <beans:property name="jpaVendorAdapter">
          <beans:bean
              class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"/>

      </beans:property>
      <beans:property name="jpaProperties">
          <beans:props>

              <beans:prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect
              </beans:prop>
              <beans:prop key="hibernate.show_sql">true</beans:prop>
          </beans:props>
      </beans:property>
  </beans:bean>

  <beans:bean id="transactionManager"
      class="org.springframework.orm.jpa.JpaTransactionManager">
      <beans:property name="entityManagerFactory" ref="myEmf" />
  </beans:bean>

so I have allready datasource in this JPA and it is no problem with spring-security which use JDBC directly.

But problem is in transactions.

I am using

  <beans:bean id="transactionManager"
      class="org.springframework.orm.jpa.JpaTransactionManager">
      <beans:property name="entityManagerFactory" ref="myEmf" />
  </beans:bean>

but spring-acl jdbc want

  <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
        <property name="dataSource" ref="dataSource"/>
    </bean>

When I want implement ACL to my project I:

@Transactional
@PreAuthorize("permitAll")
public Room createRoom(Integer roomID) {
    // TODO Auto-generated method stub
    createAcl(roomID);
    return roomRepository.save(roomID);

}

but I use @Transactional for

org.springframework.orm.jpa.JpaTransactionManager

instead of jdbc

org.springframework.jdbc.datasource.DataSourceTransactionManager

Not often but sometime I have:

java.lang.IllegalArgumentException: Transaction must be running
at org.springframework.util.Assert.isTrue(Assert.java:65)
    at org.springframework.security.acls.jdbc.JdbcMutableAclService.createOrRetrieveSidPrimaryKey(JdbcMutableAclService.java:218)
    at org.springframework.security.acls.jdbc.JdbcMutableAclService.createObjectIdentity(JdbcMutableAclService.java:152)
    at org.springframework.security.acls.jdbc.JdbcMutableAclService.createAcl(JdbcMutableAclService.java:107)
    at cz.services.RepositoryRoomService.createAcl(RepositoryRoomService.java:118)

I do not have that deep knowledge of transacitons for JDBC, so will be problem add

org.springframework.jdbc.datasource.DataSourceTransactionManager

and have two transaction managers? There is another option write my own acl service instead of JdbcMutableAclService. But with jdbc it is easier solution.

<beans:bean id="aclService"
        class="org.springframework.security.acls.jdbc.JdbcMutableAclService">
        <beans:constructor-arg ref="dataSource" />
        <beans:constructor-arg ref="lookupStrategy" />
        <beans:constructor-arg ref="aclCache" />
    </beans:bean>

Can please someone tell me what is better?

Or use JDBC with JPA is not good solution and use only one of that technology? Thanks for answer

Answer 1

I suggest dont use the same transactionManager name in both transactional Managers, consider change the id of one of them

<beans:bean id="transactionManager"

<beans:bean id="transactionManagerJPA"  

then

@Transactional("transactionManagerJPA") 

Or consider mark you methods with @TransactionalAttribute(TransactionAttributeType.REQUIRES_NEW)