Re: [Acegisecurity-developer] authentication processing filter design question
hi Bob Authentication processing filter is in charge of authentication, and FilterSecurityInterceptor takes care of access control. Regards, Shi - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] authentication processing filter design question
I'm in the process of building an authentication processing filter and I was looking at BasicProcessingFilter for an example of how to do this. After looking at the code, I was left wondering why BasicProcessingFilter (or other APFs) have code to complete the authentication process. Doesn't the SecurityInterceptor already do this? I've noticed that I can put a UsernamePasswordAuthenticationToken in the SecurityContext and let FilterSecurityInterceptor do the rest of the work. This way my APF is simpler since it doesn't need an AuthenticationManager or an EntryPoint. Is this a bad strategy? Thanks, Bob - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer