[Acegisecurity-developer] Authentication callback?

[Joseph Schmoley]

Where in the Acegi framework can I plug in a piece of code to be called upon successful Authentication?  I need a couple of things to be placed onto the session after a user has been successfully authenticated into our system.   I took a look at net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter and it looks like it's got everything I need except for a way to look for and run a registered callback object.   Unless I'm missing some other interface/class that I haven't seen yet, how does the following sound:   Add a callback property to the config for AuthenticationProcessingFilter:    <bean id="authenticationProcessingFilter"   class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">   <property name="authenticationManager">    <ref bean="authenticationManager"/>   </property>   <property name="authenticationFailureUrl">    <value>/login/loginError.do?login_error=1</value>   </property>   <property name="defaultTargetUrl">    <value>/</value>   </property>   <property name="filterProcessesUrl">    <value>/login/j_acegi_security_check.flt</value>   </property>   <property name="callback">    <ref bean="authenticationCallback"/>   </property>  </bean>  <bean id="authenticationCallback"   class="mycompany.mypackageAuthenticationCallback"> AuthenticationCallback would implement an interface HttpCallback:   /** * A callback interface to be used whenever another process needs to be notified of an * HTTP-related event that's occured. Its first use is a callback right after a successful * authentication attemp. */ public interface HttpCallback {     public void callback(HttpServletRequest request, HttpServletResponse response); }   This way the code at the end of AuthenticationProcessingFilter.attemptAuthentication() can be changed to check for this registered callback and call it before returning the Authentication object.   How does this sound?   Joseph   ----- Original Message ----- From: Ben Alex To: [EMAIL PROTECTED] Sent: Friday, June 25, 2004 3:16 PM Subject: Re: [Acegisecurity-developer] How do I avoid the IE redirect warning dialog? Joseph Schmoley wrote: > Ok Ben, I understand now.  Except for one minor point...  It's exactly > the other way around from what you suggest.  The problem isn't from > HTTP to HTTPS, it's from HTTPS to HTTP.  So I'd have to write a > _javascript_RetryWithHttpEntryPoint.java and wire it in.  I'll go ahead > and do that. >  > Do you want me to submit it to you guys for inclusion into CVS?  There > has to be many others who've run into this issue as well. >  Hi Joseph That would be excellent. Thanks Ben ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer