I'm in the process of building an authentication processing filter and I was
looking at BasicProcessingFilter for an example of how to do this.
After looking at the code, I was left wondering why BasicProcessingFilter
(or other APFs) have code to complete the authentication process. Doesn't
the SecurityInterceptor already do this?
I've noticed that I can put a UsernamePasswordAuthenticationToken in the
SecurityContext and let FilterSecurityInterceptor do the rest of the work.
This way my APF is simpler since it doesn't need an AuthenticationManager or
an EntryPoint. Is this a bad strategy?
Thanks,
Bob
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
