Okay, I've solved it, thanks to the previous answer pointing me towards 'around' and also to this tutorial which was really useful (http://www.compiletimeerror.com/2013/05/spring-aop-around-advice-example.html#.UzMAJvkRAmM). Here is the main method:
public static void main( String[] args ){
ApplicationContext context = new ClassPathXmlApplicationContext("context.xml");
List<String> names = new ArrayList<String>();
List<User> users = new ArrayList<User>();
names.add("Chris");
names.add("Dave");
names.add(";DROP table");
names.add("Bob");
User user = null;
for(String name : names){
user = context.getBean("user", User.class);
user.setUsername(name);
if(user.getUsername()!=null){
users.add(user);
}
}
for(User u : users){
System.out.println(u.getUsername());
}
}
Here is the check method in Security:
public void check(ProceedingJoinPoint pjp) throws Throwable {
boolean match = false;
Object o[] = pjp.getArgs();
for(String word: words){
if(o[0].toString().toLowerCase().contains(word)){
System.err.println("Unsafe word " + word + " found!!!!!");
match = true;
}
}
if(!match){
pjp.proceed();
return;
}
}
And here is the context.xml:
<bean id="user" class="com.company.springAOPExample.User" scope="prototype" />
<bean id="security" class="com.company.springAOPExample.Security" />
<aop:config>
<aop:aspect ref="security">
<aop:pointcut id="setUsername" expression="execution(* com.company.springAOPExample.User.setUsername(java.lang.String))" />
<aop:around pointcut-ref="setUsername" method="check" />
</aop:aspect>
</aop:config>