Ben, I have downloaded and built the current CVS version and run all my application test agains it. Everything is OK except one little backward incompatibility: when my old code (custom AccessDecisionVoter or Tapestry Engine) needs to get the username of logged in user it calls auth.getPrincipal().toString() and it of course fails now. It is obvious and easy to fix, but maybe for the sake of backward compatibility the net.sf.acegisecurity.providers.dao.User should implement a method toString() returning the username.
I don't need this change and it is maybe not completely correct to do that, but you and other acegisecurity users should be aware of it. I'm looking forward to the new User or UserDetails interface as you discussed in the "User private members" thread. Thanks for your great work and best regards, Karel ----- Original Message ----- From: "Ben Alex" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 21, 2004 8:24 AM Subject: Re: [Acegisecurity-developer] Custom attributes on User Object > Karel Miarka wrote: > > >>Yes, I agree it's worthwhile to have the User object available from an > >>Authentication. I think we got to the point of agreeing it would be > >>returned from Authentication.getCredentials() and I asked if this would > >>cause concerns for anybody. I didn't receive any feedback, so I will go > >>ahead with this change. > >> > >> > > > >I'm sure you wanted to write Authentication.getPrincipal() as the right > >place for returning the User object instead of > >Authentication.getCredentials() . I'm just mentioning this to not confuse > >other people. > > > >Regards, > >Karel > > > > > Checked into CVS changes to enable this. It sounded simpler than it > turned out to be, because much code relied on > Authentication.getPrincipal() returning a String, being the username. So > I've had to add a DaoAuthenticationProvider.forcePrincipalAsString > property (defaults false), so existing code requiring a String can set > this property to true and not break. > > There is an upgrade text file in CVS as well, describing the changes. > Documentation also updated. Unit tests pass, as do the container > integration tests. > > Would people using CVS please try this out. I'd like to ensure our > DaoAuthenticationProvider code is reliable. > > Best regards > Ben > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference > Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer > Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA > REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND > _______________________________________________ > Acegisecurity-developer mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > > ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
