YH Cheng wrote:
Hi all,
I am deciding to use acegi as the login system for my webapp, and
thinking about the customization I need to do in order to handle 2
requirements:
1. let user to switch HTTP or HTTPS - It's not related to acegi; but I
am thinking about the implementation. SO JUST IGNORE THIS...
The net.sf.acegisecurity.securechannel package contains what you need to
do this. Basically you add a filter to web.xml which calls
ChannelProcessingFilter. This filter stores URI mappings and passes them
to a channel decision manager, which goes and polls a series of channel
decision processors. A channel decision processor will redirect to a
different protocol if needed by the URI mapping. There is an example of
configuration in current CVS in
samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml.
2. let user to have a 'remember me' feature when login, aka, login by
cookie. Implementation would be: when user login succeeds, stores a
serial number in a cookie and in server db. So that when user is
requested to login again (on next day, say) , webapp retrieves the
serial number from cookie and compare it against the value in db. Here
the problem comes: acegi requires username and password for most of
the authentication. I want something that takes username, password or
cookie from client and do authentication based on username/password or
username/cookie. How can I implement this behaviour? Which interface
should I implement? Or can I modify 'filter' and
'DaoAuthenticationProvider' to achieve this? I just want an idea and
I'd try that all~~
See this thread for some design ideas:
http://sourceforge.net/mailarchive/forum.php?thread_id=5177499&forum_id=40659.
There are also other threads on acegisecurity-developer which would help
- try a search. It's really not that difficult to achieve remember me
functionality (as well as anonymous user functionality with a similar
approach). I really should just go and code it myself, given it is a
common request.
Best regards
Ben
-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
