Scott Evans wrote:
Actually, the default implementation of isAuthenticationCorrect(authentication, user) could be the code found in the current isPasswordCorrect method.
For the filter, I think it might make more sense it just create a new one rather than adding a hook for subclasses to instantiate their custom Authenticate implementations.
Hi Scott
In the interests of simplicity, I've made isPasswordCorrect protected (see CVS). You should be able to subclass DaoAuthenticationProvider, override this method, and achieve the desired functionality. I did consider adding a few hooks (eg for the second stage of authentication, after the password has been validated) but I didn't think it would be widely used and you could just add both checks into an isPasswordCorrect overridden method (including calling super.isPasswordCorrect to avoid rewriting the password checking block).
As for collecting the zip code, yes, you'll need a new AuthenticationProcessingFilter. This is needed so you can pull the zip code entered by the user from an appropriate source.
If you need any further changes, just let me know. Hope you find the project helpful.
Best regards Ben
------------------------------------------------------- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
