I agree. We have easily extended the ACL classes at logical points to handle our business particulars. The db schema was the first such issue. From what I have read on this thread, your use cases are pretty simple and you just need to learn more about how to extend acegi at the right places. The docs are pretty good for any software but the test cases are great.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Ben Alex > Sent: Tuesday, August 17, 2004 5:35 PM > To: [EMAIL PROTECTED] > Subject: Re: [Acegisecurity-developer] hibernate compatability ( blah blah > blah ) > > Oliver Hutchison wrote: > > >>Using hibernate it is possible to do the following ( pseudo code ) > >> > >>SalesPerson salesPerson = hibernate.find( "SalesPerson as > >>salesperson where salesperson.id = 1"); > >> > >> > >> > > > >Why not just use the username (which should be unique) to lookup the > >SalesPerson? > > > >SalesPerson salesPerson = hibernate.find( "SalesPerson as > >salesperson where salesperson.username = ?", user.getUsername()); > > > >Assuming there's and index on username performance would not be an > >issue. > > > >Ollie > > > > > > > Hi Bryan > > I am inclined to agree with Ollie. Your other requirement (the last 20 > users who signed up) could be equally as effectively addressed by an > additional indexed column, createdDate. Acegi Security has no problems > with you adding additional columns to the schema (or backend) managed by > an AuthenticationDao. You can even return such additional details in the > UserDetails implementation returned by the AuthenticationDao. > > I do not believe any of your use cases could not be effectively and > modularly accommodated using the existing Acegi Security packages. Its > usefulness for your authentication needs is beyond a doubt. The ACL side > is a little grayer, simply because the ACL packages are quite new. > Having said that, I am fairly confident they'd meet your needs as > described in my earlier email. The ACL packages are reasonably flexible > if you really wanted to completely re-engineer the schema: check the > list archives for a recent discussion between Andres March and myself > about this. > > In relation to remoting integration, as you may have noticed in the > Contacts sample application, Acegi Security provides support for this > via its BASIC authentication filter. In addition, there is a new RCP > package which can be helpful for ensuring a valid login request has > happened at the client end. Check out the Petclinic RCP sample (part of > the spring-rcp project) to see this in use. > > I'd suggest trying to integrate authentication without worrying about > the ACL side. Then, once you see that working, review how the included > ACL packages work. It will be a lot clearer when you understand the > place where the method security interceptors, ContextHolder, > AuthenticationDao, and AccessDecisionVoters fit into the bigger picture. > Of course we're also happy to continue helping you on-list. > > Best regards > Ben > > > > ------------------------------------------------------- > SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media > 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 > Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. > http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 > _______________________________________________ > Acegisecurity-developer mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
