Marco Mistroni wrote:
is there a link between acegi and HttpSession?
Hi Marco
Yes, there is.
Internally Acegi Security uses a ContextHolder (SecurityContextHolder
from 0.9.0 and current CVS) for all of its interactions. It's just a
ThreadLocal. So the various authentication mechanisms (BASIC, Digest,
CAS, form etc) put an Authentication object into the ContextHolder, and
Acegi Security retrieves it from there whenever required.
HttpSessionContextIntegrationFilter is responsible for copying the
contents between the ContextHolder and the HttpSession at the start and
end of each web request. As such, if your J2ME system is able to
maintain the standard jsessionid or cookie-based session identifier, you
shouldn't have any problems.
HTH
Ben
-------------------------------------------------------
This SF.Net email is sponsored by Oracle Space Sweepstakes
Want to be the first software developer in space?
Enter now for the Oracle Space Sweepstakes!
http://ads.osdn.com/?ad_id=7412&alloc_id=16344&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
