Pascal Gehl wrote:
In our project we don't have easy access to the apache config files
(politics...) and by switching to acegi we have infinite loop because
1. client is accessing a protected ressource
2. acgi tells him to go to login page
3. apache tells him to go to protected ressource
4. go back to 2.
We had to subclass the entry point to do a forward instead of a
sendRedirect.
I don't understand what in Apache is doing step 3. Is this a standard
Tomcat feature? If using Acegi Security, the recommended approach is to
not use any container security at all - just let Acegi Security do the
lot for you. It would be good if you could explain your configuration a
little more.
Cheers
Ben
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
