Colin, Let me clarify. The DaoAuthenticationProvider implementation calls the AuthenticationDao that I provide to retrieve a User, password, and it's granted authorities. The DefaultPassword encoder just compares the passwords. I would need a callback somewhere to allow my application to lock/log the account on unsuccessful attempts. Does this make sense?
Steve -----Original Message----- From: Colin Sampaleanu [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 12, 2004 9:13 AM To: [EMAIL PROTECTED] Subject: Re: [Acegisecurity-developer] DaoAuthenticationProvider Steve, I'm not sure exactly what you're asking? The existing code will catch an invalid login attempt without any problems. Can you describe your use case a bit better? Regards, Colin Steve Bendiola wrote: > I want to use the dao providers, but was wondering, what is the > recommended way of catching an invalid login attempt? PasswordEncoder > or extending DaoAuthenticationProvider? > > Thanks > ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id%62&alloc_ida84&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer