Page Spring Bean Injection
Click's Spring integration could be significantly improved. Currently the SpringClickServlet provides 2 ways to instantiate pages:
- Using Spring instantiated pages, where all dependencies will be injected. Unfortunately this method requires you to define each page in your Spring beans configuration file(s), which would become quite laborious with a large project.
- Use Click instantiated pages, where the ApplicationContext is injected. While this is convenient, it can lead to an anti-pattern where you put all your bean accessor methods (using the ApplicationContext) in a Base page, and you end up with this monster class.
A solution to this problem could be to modify the behaviour of the SpringClickServlet. After the configService has been initialized, and the Spring ApplicationContext is available the Serlvet would iterate through all the page classes and using reflection their properties and determine whether the were any properties which match beans available in the Spring ApplicationContext. If there were, these matches would be cached for future uses.
At runtime when the Servlet instantiates pages, it would check the cache to determine whether there are any Spring beans which could be injected into the page instance. This would provide the benefits of Spring bean injection, but without the hassel of having to configure pages as beans in Spring configuration file(s).
Spring Security
Spring provides the rather complex but very useful ACEGI security framework. This security framework is very useful as it removes application server specific dependencies from your application code, when developing secure web applications. Unfortunately the JEE spec. is very limited in the security area, and you often need to use another framework such as this or JSecurity, or roll your own.
Providing this support in Click is probably best done through an example application, which demonstrates how to do this.
Apache Ki (JSecurity) could be an alternative example for demonstrating security.