BTW, we use hibernate for all our data access. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Ben Alex > Sent: Tuesday, August 17, 2004 5:35 PM > To: [EMAIL PROTECTED] > Subject: Re: [Acegisecurity-developer] hibernate compatability ( blah blah > blah ) > > Oliver Hutchison wrote: > > >>Using hibernate it is possible to do the following ( pseudo code ) > >> > >>SalesPerson salesPerson = hibernate.find( "SalesPerson as > >>salesperson where salesperson.id = 1"); > >> > >> > >> > > > >Why not just use the username (which should be unique) to lookup the > >SalesPerson? > > > >SalesPerson salesPerson = hibernate.find( "SalesPerson as > >salesperson where salesperson.username = ?", user.getUsername()); > > > >Assuming there's and index on username performance would not be an > >issue. > > > >Ollie > > > > > > > Hi Bryan > > I am inclined to agree with Ollie. Your other requirement (the last 20 > users who signed up) could be equally as effectively addressed by an > additional indexed column, createdDate. Acegi Security has no problems > with you adding additional columns to the schema (or backend) managed by > an AuthenticationDao. You can even return such additional details in the > UserDetails implementation returned by the AuthenticationDao. > > I do not believe any of your use cases could not be effectively and > modularly accommodated using the existing Acegi Security packages. Its > usefulness for your authentication needs is beyond a doubt. The ACL side > is a little grayer, simply because the ACL packages are quite new. > Having said that, I am fairly confident they'd meet your needs as > described in my earlier email. The ACL packages are reasonably flexible > if you really wanted to completely re-engineer the schema: check the > list archives for a recent discussion between Andres March and myself > about this. > > In relation to remoting integration, as you may have noticed in the > Contacts sample application, Acegi Security provides support for this > via its BASIC authentication filter. In addition, there is a new RCP > package which can be helpful for ensuring a valid login request has > happened at the client end. Check out the Petclinic RCP sample (part of > the spring-rcp project) to see this in use. > > I'd suggest trying to integrate authentication without worrying about > the ACL side. Then, once you see that working, review how the included > ACL packages work. It will be a lot clearer when you understand the > place where the method security interceptors, ContextHolder, > AuthenticationDao, and AccessDecisionVoters fit into the bigger picture. > Of course we're also happy to continue helping you on-list. > > Best regards > Ben > > > > ------------------------------------------------------- > SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media > 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 > Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. > http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 > _______________________________________________ > Acegisecurity-developer mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer