on 8/16/01 12:52 PM, "Diethelm Guallar, Gonzalo"
<[EMAIL PROTECTED]> wrote:
> I need to force a Turbine app to forget about checking
> the user against the Turbine DB; in fact, the user will
> NOT exist in that DB, and it will be validated by an
> external process. To accomplish this, I plan to change
> the SessionValidator to do basically this:
>
> public class MySessionValidator extends TemplateSessionValidator
> {
> public void doPerform( RunData data ) throws Exception
> {
> data.setUser(TurbineSecurity.getAnonymousUser());
> data.save();
> }
> }
>
> Is this the right approach? Can anybody point any potential
> pitfalls with this appro
That will not do any user creation/validation for you though.
You should implement your own SecurityService who does the validation
against whatever you need. Look at how DBSecurityService and
LDAPSecurityService are implemented.
-jon
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
