Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [servlet-dev] Big ticket items for Servlet 6 / Jakarta EE 10?
Hi,

On Fri, Aug 28, 2020 at 1:53 PM Greg Wilkins <gregw@xxxxxxxxxxx> wrote:
This is more or less how it is done today anyway, just without a standard API.   We have a Decorator API with the methods:
 
    <T> T decorate(T o);
    void destroy(Object o);

For scopes to really work you'd actually need to call this every time you need to use a Servlet, although I guess you could use this to return a proxy first, which then delegates to the actual scoped Servlet that is fully managed by CDI (which would essentially boil down to the bridge servlet I presented above).

Regardless, the existing structure of a Servlet with its service method and overrides is IMHO not a very good fit for a bean model and interceptors. 

It's exactly because of this reason the existing @RolesAllowed (or a similar interceptor indicating annotation) could not be used for Servlet security at the time, and Servlet *had* to invent its own here.

Kind regards,
Arjan Tijms



Back to the top