Ben, I am using HttpInvoker and Ihave implemented my own RemoteAuthenticationProvider and RemoteAuthenticationManager, and I am just returning Authentication all the way back to client. Principal is my custom User which wrappes my domain object which is basically a user with some its details, like email, last name , first etc. It seems to work fine. Would there be a problem with this approach?
Amad --- Ben Alex <[EMAIL PROTECTED]> wrote: > Amad Fida wrote: > > >I have trying to use acegi with my rich client > project > >and wasn't able to get back my custom UserDetai > back, > >I was constantly getting String back. I think I > know > >why, > > > > > > > The RemoteAuthenticationManager interface, which is > what actually > handles the client-server remoting call, defines > this single interface: > > public GrantedAuthority[] > attemptAuthentication(String username, String > password) throws RemoteAuthenticationException; > > This method signature was deliberately limited to > returning > GrantedAuthority[]s because we needed to maximise > remoting system > compatibility. IIRC I did try returning a > UserDetails (or was it > Authentication?) but the serialization issues were > quite problematic > with Hessian and Burlap. Instead I went for the > lower possible amount of > information needed by a remote client for security > purposes. > > If you need a UserDetails, you'll need to > authenticate using a different > type of approach. The > net.sf.acegisecurity.providers.rcp probably > provides a good foundation, though, to base your own > design on. > Alternatively, you could just retrieve the > UserDetails from a services > layer method subsequent to authentication. > > Ben > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT > Products from real users. > Discover which products truly live up to the hype. > Start reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > Home: http://acegisecurity.sourceforge.net > Acegisecurity-developer mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
