Acegi newbie and Struts integration

I'm new to this spring-acegi movement so sorry if I'm asking obvious questions but I'm having some problems in migrating. I used to specify roles that can execute struts action in struts config, can I still use this feature?
I used to do the login in the LoginAction and it's ActionForm where I'd invoke a business delegate through which I'd authenticate the user, take the UserDTO from my app's model and I'd add it to the session. Does this continues to be a good practice?
Also as I don't use the j_acegi_security_check but my action on the form leads to LoginAction.do, how do I map it in the applicationContext-acegi-security.xml file?
Do I still need the security constraints and roles defined in the web.xml once I start using acegi or are they needed for struts?
If a role was named S does it become ROLE_S in acegi?
Thanks

Quote:

---

I used to specify roles that can execute struts action in struts config, can I still use this feature?

---

Yes of course, just add the

Code:

---

requestWrapper

---

in your filter chain and

Code:

---

<bean id="requestWrapper" class="net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter"/>

---

in your security context.xml file.
Struts request processor will be able to call request.isUserInRole().

Quote:

---

Do I still need the security constraints and roles defined in the web.xml once I start using acegi or are they needed for struts?

---

No you don't need those anymore because you won't have to use a REALM.
Simply declare your security constraint in the acegi spring config file.

Quote:

---

If a role was named S does it become ROLE_S in acegi?

---

No you are not forced to use ROLE_ prefix.
In the bean that defines the

Code:

---

net.sf.acegisecurity.vote.RoleVoter

---

simply define the property

Code:

---

<property name="rolePrefix"><value>null</value></property>

---

(I'm not completly sure of the syntax because I find the ROLE_ prefix quite handy).

Quote:

---

Also as I don't use the j_acegi_security_check but my action on the form leads to LoginAction.do, how do I map it in the applicationContext-acegi-security.xml file?

---

I guess I advice you to use acegi authentication mechanisms.
Nothing prevents you to load your user profile the way you did before but in a servlet filter instead. Simply trigger your filter if the user is authenticated but your application user profile is null in the session.

Hope it helps.
I have written a very simple entry in my blog on migrating from a REALM to ACEGI