0

I have a Jersey resource class which use field validation for header parameter.

@Controller
@RequiredArgsConstructor
public class Resource {

    @Min(value = 0)
    @HeaderParam("id")
    private int id;

    @HeaderParam("Authorization")
    private String header;

    @Authenticate
    public void get() {
    }

}

Then I create an Aspect which pointcut at @Authenticate annotation.

public class Aspect {

    @Before("@annotation(Authenticate)")
    public void doAuthenticate() {
    }

}

The problem is that after creating the Aspect, the field validation for id no longer works (pass in -1 as id header will not violate the constraint).

I'm guessing the reason is that since Spring AOP is using CGLIB as the proxy, it doesn't fill fields when it creates the proxy, so a default value was passing to the validation, and then after getting out of Aspect, it's already out of the validation phase, hence the validation is not working.

So my questions are: 1. Am I understand correctly? 2. How can I make the field validation work?

Paul Samsotha
  • 205,037
  • 37
  • 486
  • 720
Jun
  • 560
  • 1
  • 6
  • 17
  • I don't know much about either Spring or Jersey, but you are right insofar as a dynamic proxy is only what the name implies: a proxy. It wraps methods of the original object, enabling you to intercept them, e.g. via AOP. It does not proxy or replicate member variables. So either you use AspectJ instead of Spring AOP, avoiding proxies completely, or you need to configure validation in a way that makes sure that it is done on the original object and not on the proxy. I cannot say more without an [MCVE](http://stackoverflow.com/help/mcve), though. GitHub would be good. – kriegaex Jun 10 '18 at 04:51
  • @kriegaex thanks for your comment. I end up deciding to not relying on the field parameters. – Jun Jun 12 '18 at 20:10

0 Answers0