Matthew Holt wrote: > 1. Read SSO cookie username. > 2. Check username against LDAP. > > You need to write an "authentication mechanism" that can setup the SecurityContextHolder with an Authentication object representing the username derived from your SSO cookie. Usually this will be implemented as a Servlet Filter, as discussed more fully in the reference guide that ships in the release ZIPs or can be accessed from www.acegisecurity.org.
Best regards Ben Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer