On Dec 29, 2004, at 8:53 PM, Ben Alex wrote:
One issue I'd appreciate some comments on is container adapter deprecation. I know some people use the JBoss container adapter (as they need to use EJB security as well), but I've not heard of any usage of the Resin, Tomcat or Jetty adapters. It seems unwise to maintain a suboptimal (non-portable) approach, especially as pre-1.0.0 we can deprecate them.
While I found it fairly easy to port a container-managed application to use Acegi, I think it's important to keep the container adapters. Mainly to support Servlet 2.2 applications.
Using container-managed authentication usually only requires a handful of lines in web.xml and a few more in a server-specific deployment descriptor. This makes me wonder if there's a simpler way to configure Acegi (consolidating filters?). Or maybe defaults can be set in an XML file in the JAR and then overridden if/when necessary? Ordering of filters seems to be a common problem - it'd be great to somehow make this issue go away by consolidating to one or two filters.
Finally, the status of the project is up for discussion. I met Rod a few days back and we briefly discussed making Acegi Security a formal Spring subproject. This, coupled with a 1.0.0+ version number, would make some people and organisations more comfortable using it. What does the community think of this idea?
+1
Matt
------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
