Ben,
Thanks tons for the input and direction now I just need to figure out what
it all means. :) I may be back with more questions as I digest and learn.
:)
>The only thing you gain by going through all of this is EJB declarative
>security.
Correct me if I'm wrong but another reason might be f
Hi Mike
> So after 5 min of study let me revise me proposed configuration. :)
> I guess I will be using CAS's login form which is fine. So that
> elimitates the requirement for Acegi authentication filters.
> JBoss probably can't setup CAS as its AuthenticationManager so
> perhaps it could pr
So after 5 min of study let me revise me proposed configuration. :)
* I guess I will be using CAS's login form which is fine. So that elimitates
the requirement for Acegi authentication filters.
* JBoss probably can't setup CAS as its AuthenticationManager so
perhaps it could provi
I don't want to waste too much of anyone's time but before I spend weeks
trying to set this configuration up I was wondering if I could describe
my configuration idea and if I could get a yes it's possible, no it's
not possible, or this configuration idea is dumb response from someone
who knows. :)
I would not do this in the password encoder. Its function is really the
handling of passwords, in terms of encoding and comparison, not any kind
of business logic, which is what you're talking about.
I would probably override DaoAuthenticationProcider or JdbcDaoImpl
depending on what level you
Colin,
Let me clarify. The DaoAuthenticationProvider implementation calls the
AuthenticationDao that I provide to retrieve a User, password, and it's granted
authorities. The DefaultPassword encoder just compares the passwords. I would need a
callback somewhere to allow my application to loc
