Ben,
Thanks tons for the input and direction now I just need to figure out what
it all means. :) I may be back with more questions as I digest and learn.
:)
>The only thing you gain by going through all of this is EJB declarative
>security.
Correct me if I'm wrong but another reason might be for propagation of
security information to a remote EJB? This is mainly what I need to
integrate with container managed security for, maybe there's another way?
>If it were me, I'd be going with the former option and in due course
>refactoring the EJBs to native POJOs that can be managed directly by
Spring.
On that topic would it be very difficult, possible, or useful to create a
spring interceptor that initializes and wraps an acegi threadlocal security
context given the current J2EE authenticated principal? Similar to how the
Transaction and Hibernate Interceptors work? I realize it would probably
require some sort of container specific method of obtaining the principal
associated with the current context; however, this functionality would be
very handy for those who cannot yet ditch container managed authentication
entirely. :) Any input or guidance for such an interceptor would be greatly
appreciated as well.
Regards,
Mike
-------------------------------------------------------
This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
