It seems to me that the ContextHolderAwareRequestFilter should be an
enabled filter by default in Acegi - allowing folks to use
request.isUserInRole() and many tag libraries with their applications.
It seems like it'd be a lot simpler (especially from a configuration
perspective) to roll the functionality of this filter into the
HttpSessionContextIntegrationFilter - since it's always needed. I can't
think of any reason why you wouldn't want the
ContextHolderAwareRequestFilter enabled in a webapp. Thoughts?
Matt
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer