YEs initially we thought aout this solution but we are working with a legacy SSO solution that's implemented by another company...
On 12/18/06, Matt Raible <[EMAIL PROTECTED]> wrote:
Have you thought of using a single sign-on solution like Yale's CAS - this might make it easier. Acegi integrates with CAS quite easily (though I've heard, never done it myself). http://www.ja-sig.org/products/cas/ What you're doing will probably work, but using CAS is likely a more robust solution. Matt On 12/18/06, David Castañeda <[EMAIL PROTECTED]> wrote: > Hi Matt, OK I think that now I need another hand on this... :$ > > So after reading the acegi reference manual I'm planning to implement my > case as follows... > > I'll create another filter CookieBasedFilter and a provider > CookieBasedProvider the idea is that if the request to the server gets with > this cookie I'll authenticate based on cookie parameters and make an > Authentication object available for authorization purposes.. > > I'm modifying roller security.xml to .... > > ============================================================== > <bean id="filterChainProxy" > class="org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > > **=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter, > cookieBasedFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor > </value> > </property> > </bean> > > <bean id="authenticationManager" > class="org.acegisecurity.providers.ProviderManager"> > <property name="providers"> > <list> > <ref local="daoAuthenticationProvider"/> > <ref > local="anonymousAuthenticationProvider"/> > <ref local=" > cookieBasedAuthenticationProvider"/> > <!-- rememberMeAuthenticationProvider added > programmatically --> > </list> > </property> > </bean> > > <bean id="cookieBasedAuthenticationProvider" > class=" org.apache.roller.ui.core.security.CookieBasedAuthenticationProvider"> > > </bean> > > <!-- ===================== COOKIE ==================== --> > <bean id="CookieBasedFilter" > class="org.apache.roller.ui.core.security.CookieBasedFilter"> > <property name="authenticationManager" ref="authenticationManager"/> > </bean> > > =============================================== > The rest is unmodified... at this point have you any suggestion in this > approach ... ??? or better do you know about a reference about something > similar to this. > > Again, thanks a lot for your help... > > PD... I'm reattaching the conversation to roller mail list > -- http://raibledesigns.com
-- David Castañeda R.
