Currently the Acegi Security reference guide uses this example: <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.SiteminderAuthenticationProcessingFilter" > <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/login.jsp?login_error=1</value></pro perty> <property name="defaultTargetUrl"><value>/security.do?method=getMainMenu</value></prop erty> <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property> <property name="siteminderUsernameHeaderKey"><value>SM_USER</value></property> <property name="formUsernameParameterKey"><value>j_username</value></property> </bean>
But from looking at the code in Acegi Security 1.0.2, a blank username and password will be stored in the UsernamePasswordAuthenticationToken if the siteminderPasswordHeaderKey is null or empty--as siteminderPasswordHeaderKey is in this example. Can anyone verify? Mat Lowery Software Engineer Pentaho The Open Source Business Intelligence Company Citadel International, Suite 340 . 5950 Hazeltine National Dr. . Orlando, FL 32822, USA +1 407 812-OPEN (6736) Download the latest release today. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
