Em Thu, 01 Oct 2009 11:33:33 -0300, <[email protected]> escreveu:
Well, on second thought, it isn't really better as creating the User object involves LDAP access, thus some overhead. I'd prefer creating the User object only if the authorization info has changed since the last request. This would require storing it into the session, and the access controller needs to be perthread. Is this correct after all?
Yes, but the controller doesn't need to be perthread. Believe me. :) Or at least try it. ;)
-- Thiago H. de Paula Figueiredo Independent Java consultant, developer, and instructor http://www.arsmachina.com.br/thiago --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
