Hey Tim, Jaas is full of smells :P
Let's see if I can help you out here...
1. You are correct. You can chain AuthenticationProviders, but as soon
as one returns a valid token the chain ends.
2. The first part of this is what the AuthorityGranter interface is
designed for. The AuthenticationDao t
Hi everyone,
On this project I’m working on, we are using JAAS to
authenticate a token, and Acegi’s JAAS support classes allow for the
translation of the user and its principals to Acegi’s authority
objects. But in this particular case, we are not interested in the
principals that J
Hi all
Mark St Godard has just joined the development team, initially to work
on switchable user profiles at runtime - a bit like the "su" command in
Unix, but suitable for webapps
(http://opensource.atlassian.com/projects/spring/browse/SEC-15).
Welcome Mark.
Cheers
Ben
--