Multiple Deltasike securityBindingType annotations on class

Question

I'm using the Deltaspike (1.0.3) security Module with @Secured (functionality that allows to integrating 3rd party security frameworks). Is working well when I use only one annotation(SecurityBinding) on class level. When I add a second one annotation on the same class the CustomAccessDecisionVoter for the second securityBinding is never called. As I understend the api - is possible to have multiples annotations on class level, but is not working in my case. What I'm doing wrong?

This is how I declare a SecurityBinding:

@Retention(value = RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD})
@Documented
@Stereotype
@Secured(AnnotationOneAccessDecisionVoter.class)
public @interface AnnotationOne {
}

This is the Custom AccessDecisionVoter for the AnnotationOne:

@ApplicationScoped
public class AnnotationOneAccessDecisionVoter implements AccessDecisionVoter {


public Set<SecurityViolation> checkPermission(AccessDecisionVoterContext voterContext) {

    Set<SecurityViolation> violations = new HashSet<SecurityViolation>(1);
    if(some validation...) {
        violations.add(new SecurityViolation() {
            private static final long serialVersionUID = ...;
            @Override
            public String getReason() {
                return "...";
            }
        });

Anf finnally the bean:

@Named("...")
@ViewScoped
//Permission
@AnnotationOne
@AnnotationTwo
public class Bean implements Serializable {...}

score 1 · Accepted Answer · answered Oct 01 '14 at 21:26

Many thanks for Gerhard Petracek and team of Deltaspike for the quick answer in the deltaspike mailing list for users.

The specific functionality at this moment was not supported, but the fix was added for the version 1.0.4 (currently in snapshot)

https://issues.apache.org/jira/browse/DELTASPIKE-735

Multiple Deltasike securityBindingType annotations on class

1 Answers1