Where in the Acegi framework can I plug in a piece of code to
be called upon successful Authentication? I need a couple of things to be
placed onto the session after a user has been successfully authenticated into
our system.
I took a look at
net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter and it looks like
it's got everything I need except for a way to look for and run a
registered callback object.
Unless I'm missing some other interface/class that I haven't
seen yet, how does the following sound:
Add a callback property to the config for
AuthenticationProcessingFilter:
<bean
id="authenticationProcessingFilter"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager"> <ref bean="authenticationManager"/> </property> <property name="authenticationFailureUrl"> <value>/login/loginError.do?login_error=1</value> </property> <property name="defaultTargetUrl"> <value>/</value> </property> <property name="filterProcessesUrl"> <value>/login/j_acegi_security_check.flt</value> </property> <property name="callback"> <ref bean="authenticationCallback"/> </property> </bean> <bean id="authenticationCallback" class="mycompany.mypackageAuthenticationCallback"> AuthenticationCallback would implement an interface
HttpCallback:
/**
* A callback interface to be used whenever another
process needs to be notified of an
* HTTP-related event that's occured. Its first use is a callback right after a successful
* authentication attemp.
*/
public interface HttpCallback {
public void callback(HttpServletRequest request,
HttpServletResponse response);
}
This way the code at the end
of AuthenticationProcessingFilter.attemptAuthentication() can
be changed to check for this registered callback and call it before returning
the Authentication object.
How does this sound?
Joseph
----- Original Message -----
From: Ben Alex
Sent: Friday, June 25, 2004 3:16 PM
Subject: Re: [Acegisecurity-developer] How do I avoid the IE
redirect warning dialog? > Ok Ben, I understand now. Except for one minor point... It's exactly > the other way around from what you suggest. The problem isn't from > HTTP to HTTPS, it's from HTTPS to HTTP. So I'd have to write a > _javascript_RetryWithHttpEntryPoint.java and wire it in. I'll go ahead > and do that. > > Do you want me to submit it to you guys for inclusion into CVS? There > has to be many others who've run into this issue as well. > Hi Joseph That would be excellent. Thanks Ben ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer |
- [Acegisecurity-developer] How do I avoid the IE redirect w... Joseph Schmoley
- Re: [Acegisecurity-developer] How do I avoid the IE r... Ben Alex
- Re: [Acegisecurity-developer] How do I avoid the ... Joseph Schmoley
- Re: [Acegisecurity-developer] How do I avoid ... Ben Alex
- Re: [Acegisecurity-developer] How do I av... Joseph Schmoley
- Re: [Acegisecurity-developer] How do... Ben Alex
- Re: [Acegisecurity-developer] Au... Joseph Schmoley
- Re: [Acegisecurity-developer... Ben Alex