On Thu, Feb 19, 2009 at 4:45 PM, Razvan Dragut <[email protected]>wrote:
> Hi Taneli, > > I think you need to add a filter to your application (JSecurityFilter or a > subclass of it). Also you should set the session mode for your security > manager to http, this way the session/subject is "bound" to the http > session. Not sure whether it will still be bound to the current thread as > well but I suppose not. > All I am telling you is from what's in my mind ( I am a beginner with > JSecurity ) ... i don't have the JSecurity code in front of me and also I am > not an authority in JSecurity and I might be wrong. If I'm wrong, please > correct me. > > Hi Razvan, And thanks for your answer. Unfortunately using JSecurityFilter is not an option, because there's currently no way to use a custom SecurityManager with it. Setting the securityManager in the filter config parameter doesn't work as IniConfiguration.createSecurityManagerForSection method returns always a DefaultWebSecurityManager (a bug maybe?). Regards, Taneli
