<< Java和时区(Time zones and Java) | 首页 | log4j在集群cluster环境下运行 >>

how can I use Acegi Security with WebLogic or websphere?

from forum.springframework.org

Acegi Security provides its own authorization interfaces and classes. For the authentication side you have a choice of several approaches:

- Container adapters. This leaves your Servlet container to perform authentication via web.xml security constraints. The resulting Principal is available via the HTTP request, which Acegi Security "reads" and then handles authorization.

- Acegi-handled form user authentication. Basically traditional "form" authentication but fully contained within Acegi Security.

- Acegi-handled BASIC authentication. Basically traditional "BASIC" authentication but fully contained within Acegi Security.

- Acegi-handled CAS authentication. Integrates with Yale CAS (a popular open source single sign on system) but fully contained within Acegi Security (apart from the CAS server, which is just a separate webapp).

If you use any of the "Acegi-handled" options for authentication you do not need to worry about which container you are using. We aim for complete container portability. Most people use an "Acegi-handled" option as it's also far more flexible.

If you use "container adapters" for authentication you will need a suitable adapter. We don't have one for WebLogic (only Resin, JBoss, Jetty and Tomcat). There's no reason you wouldn't be able to write a WebLogic adapter, though.

We recommend you use an "Acegi-handled" option to enjoy container portability and more widely used, supported and maintained code.

标签 :



发表评论 发送引用通报