[ http://jira.andromda.org/browse/SPRING-112?page=comments#action_12043 ] Peter Friese commented on SPRING-112: -------------------------------------
There are several issues with implementing this feature. Acegi has the aforementioned RemoteSecurityManager, which needs to be made exported using one of the remoting protocols. I see the following two ways of achieving this: 1) Model the Service as if it was a normal service. Since we already have an implementation of the service, we would need to suppress generation of the service bean, and only have the spring config entry generated. 2) Add the neccessary additional declarations to the generated context.xml files. Unfortunately, there is one big problem: it is hard to find out under which server address / port this service should be published / imported. The templates currently read this information by querying the metafacades. Since we wouldn't have a metafacade instance for the RemoteSecurityManager service, we couldn't use this approach. So, we'd have to add a namespace property to define the service URL. IMO approach #2 seems quite awkward to me. I'd rather like to implement approach #1. There might be other services the users would like to export in this manner in the future (legacy code or stuff inside a JAR file). So, to implement approach #1, we need a way to express that only the bean config must be generated and no service bean. We have a similar case for abstract services: we only generate the service bean and not the config code in this case. How about marking the respective service as "final"? I looked into MD and didn't find a "final" toggle in the class specification dialog, but I suspect "leaf" might be equivalent to "final" - is this true? > Add rich-client support to Acegi support > ---------------------------------------- > > Key: SPRING-112 > URL: http://jira.andromda.org/browse/SPRING-112 > Project: Spring Cartridge > Type: New Feature > Versions: 3.1RC1 > Reporter: Peter Friese > Assignee: Peter Friese > Fix For: 3.1RC1 > > For rich clients, it is essential to be able to contact the server in order > to perform some kind of authentication before the user is allowed to use tha > application. > Acegi comes with a remote authentication manager > (net.sf.acegisecurity.providers.rcp.RemoteAuthenticationManager) that helps > with this. ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf