John Noble wrote: > So. Does anyone know if I can configure Acegi to handle this kind of > situation, or should I just run two separate contexts, one /webapp-backend/ > and one /webapp-customer/ for example? > Or should I have a shared table or something.. "basic_user" that holds > credentials for both employees and customers and then associate the user > either with an employee or a customer and just have one set of roles?
The simplest thing to do is try to have just one set of tables, bearing in mind you can use a custom GrantedAuthority (from your UserDetailsService) to indicate whether a particular Authentication relates to a customer or employee. If you really wanted to have multiple tables, you might be able to approach it by a custom authentication mechanism and provider, with the mechanism detecting either a radio button on the login page (ie customer or staff) or more likely the HttpSession attribute which records the destination page, and then modifying the Authentication request object to include an employee or customer prefix. Your UserDetailsService would then query the relevant target table. Cheers Ben ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
