Mark, you might be pretty aware of this, but just in case: I am not that sure I get the point, but IMHO there might be a potential problem here. Reading the documented method call in there:
"   if (!cacheWasUsed) {
            // Put into cache
            this.userCache.putUserInCache(user);

            // As this appears to be an initial login, publish the event
            if (this.context != null) {
                context.publishEvent(new AuthenticationSuccessEvent(
                        authentication, user));
            }
"
Since once Acegi is in charge of security, with every secure method execution there is an authentication check "behind the scenes". Then we just need to be pretty sure this event is properly fired when a real login action has been performed, not just an authentication with no cacheUsed.

Thanks,
Gustavo.



On 8/3/05, Mark St.Godard <[EMAIL PROTECTED]> wrote:
Cameron, this does not sound like the desired semantics.  I have also
confirmed that this is happening on the contacts sample.

Ben, I can create a JIRA entry and fix, test and commit this today.

Cheers,
Mark

Re:
--------------------------------------------------

"DaoAuthenticationProvider.java around line 300, publishes an
AuthenticationSuccessEvent when the user has logged in.  However – it
only does this if the cache wasn't used… This seems odd and incorrect
to me.

Since this sequence of events misses the second event:

1) login as user A – event is fired
2) logout
3) login as user A – event isn't fired

It's a simple change – does someone mind doing it?"

I would make a patch – but CVS is failing.

Thanks

Cameron
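
The login/logout/login sequence from the quoted report, replayed as an added example that is not part of this thread or of Acegi's code: it counts success events when publication is gated on a cache miss, and when it is gated on an explicit "real login" marker so that per-invocation re-checks stay silent. The class, the `interactiveLogin` flag and the sample user are hypothetical, and the example assumes the cache entry survives logout.

```java
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Added illustration; all names here are hypothetical, not Acegi's API.
public class LoginEventDemo {
    // Constructed sample credential store (plaintext only to keep the demo short).
    static final Map<String, String> USERS = Map.of("userA", "secret");

    final Map<String, String> cache = new HashMap<>(); // stands in for the user cache
    final List<String> events = new ArrayList<>();     // stands in for published success events
    final boolean gateOnCache;

    LoginEventDemo(boolean gateOnCache) { this.gateOnCache = gateOnCache; }

    // interactiveLogin (assumption): true for a real login action,
    // false for the re-check done on each secured method invocation.
    boolean authenticate(String user, String password, boolean interactiveLogin) {
        String stored = cache.get(user);
        boolean cacheWasUsed = stored != null;
        if (!cacheWasUsed) stored = USERS.get(user);
        if (stored == null || !stored.equals(password)) return false;
        if (!cacheWasUsed) cache.put(user, stored);
        // Cache-gated: event depends on cache state. Flag-gated: event depends on the caller's intent.
        boolean publish = gateOnCache ? !cacheWasUsed : interactiveLogin;
        if (publish) events.add("success:" + user);
        return true;
    }

    static List<String> scenario(boolean gateOnCache) {
        LoginEventDemo p = new LoginEventDemo(gateOnCache);
        p.authenticate("userA", "secret", true);  // 1) login as user A
        p.authenticate("userA", "secret", false); //    secured method call, re-check
        // 2) logout: the session ends, the cache entry remains (assumption)
        p.authenticate("userA", "secret", true);  // 3) login as user A again
        return p.events;
    }

    public static void main(String[] args) {
        System.out.println("gated on cache miss: " + scenario(true).size() + " event(s)");
        System.out.println("gated on login flag: " + scenario(false).size() + " event(s)");
    }
}
```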
