Hi! > Is there a proper way to integrate spring security on an conversation scope, > provided by orchestra, so that one can login for each conversation > separately?
Phu, we too use Spring Security, but to authenticate against the whole session. First, I think you meant you would like to authenticate against a conversation context, no? The conversation context is the one responsible to do the window separation and to hold multiple conversations. Your use case is pretty sophisticated. Unhappily I have no clue if it can work at all. You have to find a way to let Spring Security get/fetch the principal from the conversation context. Are you using form authentication? Else you might run into problems where the browser sends already known user credentials to any login request. Probably, best will be you implement your own security layer :-( Ciao, Mario