It's great to see this howto up on the wiki! I have been playing around with the example and I have a couple of suggestions to make.
1. The FormProcessingFilter service point is most likely not required. Since the actual authentication is done programatically through the Acegi API, it does not appear to use the FormProcessingFilter at all. When I take this code out, there is no change whatsoever to the behaviour of the app. 2. If a user navigates directly to the login page and logs in successfully, the savedRequest object will be null, resulting in a NullPointerException. I don't have a generic solution for this one yet. It depends on how the pages are set up. 3. Here is a snippet that could be added to the end of the page for people wondering how to Logout: Add the following code to any html page where you want a logout link to appear: <span jwcid="@ServiceLink" service="ognl:@[EMAIL PROTECTED]">Logout</span> FYI this only works when using form based authentication through Tapestry. If you use Basic authentication, it will not. The root cause of this appears to be that Acegi maintains a session independently of Tapestry with Basic auth, because Tapestry is bypassed. When using Form based authentication, the ContextHolder's context gets tied to the Tapestry session, and is discarded when that session is destroyed. -- View this message in context: http://www.nabble.com/Feedback-for-the-AcegiSpringJava5FormBased-wiki-page-tf3143789.html#a8714094 Sent from the Tapestry - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]