Scott Evans wrote:
Ben wrote:
-snip- Ive made isPasswordCorrect protected (see CVS).
You should be able to subclass DaoAuthenticationProvider,
override this method, and achieve the desired functionality.
-snip-
Thanks for doing this but I had problems with the Authentication object that DaoAuthenticationProvider returns on a successful login.
I experimented with adding a protected createSuccessAuthentication method but I'm afraid this is beginning to corrupt the DaoAuthenticationProvider code.
So instead I wrote an interceptor to "advise" DaoAuthenticationProvider's authenticate method.
This only works because DaoAuthenticationProvider exposes its AuthenticationDao with a getter.
Do you see any problems with this approach. It appears to work great.
-Scott
Hi Scott
Thanks for sending me your code off-list. It's an interesting approach. I can't see any issues with relying on the getters for AuthenticationDao and UserCache from the DaoAuthenticationProvider. They shouldn't need to be removed unless there is a major refactoring, in which case your interceptor would probably need changes anyway.
I can see why you had problems with solely overriding isPasswordCorrect(Authentication, User), as the returned Authentication object would be missing your extra ZIP code credential. I am wondering why a createSuccessAuthentication(Object principal, User user) wouldn't work. Overriding it would allow extra credentials-related properties to be set, whilst the DaoAuthenticationProvider version of the method would use the password. Did you come across some issue preventing this from working cleanly?
Best regards Ben
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
