Nebinger, David wrote:
Adding Spring, yes, but it should be noted that one of the strengths of Spring is that you can use just the pieces you need/want w/o rearchitecting your whole architecture. If you had a non-spring project, you can get away with adding spring core and acegi jars, add a small beans config file, the rest (as far as acegi is concerned) is added by adding a servlet filter and a context listener. You don't have to write a line of code (as long as you can use the distributed mechanisms for user validation), yet have a security layer integrated into your application. Spring rocks! ;-)
Yes, I did see indications of that when I looked through their website. For anyone else interested in trying Acegi, who don't already use Spring, see [1].
I think it's something I might give a try, if I end up being unsatisfied with using only container-managed security features.
[1] http://acegisecurity.org/standalone.html Regards, Jeff Bischoff Kenneth L Kurz & Associates, Inc.
