I have some business method in an EJB that recieves a DTO as argument, ie:
public void someMethod(SomeClass someArgument);
I would like to define a custom validator that validates the argument (notice that i would like to validate it as a parameter, not at class level, although if someone have a workaround that involves that it's welcome). The validation needs data from the currently logged principal, for example, by injecting it with @Context annotation the SecurityContext.
So, my first approach was to implement a new ConstraintValidator, with PARAMETER target, for SomeClass. The thing is, i think that injecting the SecurityContext with @Context inside this ConstraintValidator wouldn't work, as the bean-validation api mandates that the isValid method should be thread-safe, so i guess this validation instance is reused concurrently, and then the injected SecurityContext wouldn't work.
Is my suspicion right? How would you handle this use-cases, in which you need to use security context provided information to perform validation? I know how to do it with spring security, but not in javaee (version 7) environment.
Aucun commentaire:
Enregistrer un commentaire