I've wanted to check out the AGECI secure layer for a while now, but you are
right, the docs are a little daunting.
I have a couple of questions about it, maybe I should be asking on that
mailing list, but people here seem to be knowledgeable, so here goes:
Does AGECI have any tie in with the view layer? What I mean is can I do
something like this in the view layer:
<% if(getCurrentUser().hasPermission("delete users")) %>
<% } %>
My hesitation to using it is that I don't need to switch between SSO-driven
authentication and classic DAO, so I'd rather have something that is simple
and tightly integrated with Stripes. I rather not add the complexity of
AGECI, more XML files and configurations, etc. if it is something that can
be accomplished with a filter or two and some annotations.
On 8/10/06, Renaud Bruyeron <bruyeron@...> wrote:
> Spring ACEGI has such a feature. I find it is quite a good framework,
> and being filter-based it can be non-invasive to your code. I use it for
> authentication mostly, and in effect it replaces the J2EE built-in
> j_security crap. I don't know the details of the remember-me feature in
> ACEGI, though, ymmv.
> I would recommend you take a look at ACEGI before coding your own
> authentication system: the great thing about ACEGI is that it's quite
> spring-friendly in that all its major features are
> pluggable/replaceable, and it comes with many builtins. As an example, I
> recently threw away custom auth code and inserted ACEGI in its place:
> now I can switch between a SSO-driven authentication system (using
> ACEGI's builtin CAS plugin) and a classic DAO-based form by just
> swapping a bunch of beans in the XML...
> The documentation for ACEGI can be intimidating (it can do many other
> things, including ACLs), but it is worth it.
> - Renaud
> VANKEISBELCK Remi wrote:
> > Hi there,
> > We're currently writing an app "in the garage" with friends (Myspace,
> > get ready, we're coming ;-P ), Stripes-powered of course
> > (AndroMDA/Spring/Hibernate backend), with the usual "user account"
> > stuff (create account, login, etc.)
> > I have that login/pwd form, etc., and I'd like to implement the
> > "remember me" feature, where the user doesn't have to log-in everytime
> > he/she opens the browser...
> > I'm about to write my own implementation of that (based on request
> > cookies, stored in DB associated to my users, and manipulated via
> > ActionBeanContext methods - the app is fully stateless), maybe some of
> > you has already done something similar ?
> > More generally, any "stateless experiences" with Stripes and things to
> > say about it ?
> > Thanks for any inputs...
> > Cheers
> > Remi
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> Stripes-users mailing list