AbstractAuthenticationProcessingFilter vs. AbstractPreAuthenticatedProcessingFilter
What is the difference between these 2?
My scenario is that I want to integrate RPX sign in (openid, twitter, ...) next to standard form login.
My entry point in my mvc page is that I get a response from RPX with a request param token.
With this token I can make an HTTP request to see if user is authenticated and if so I get back an identifier.
I'm wondering if I should use AbstractAuthenticationProcessingFilter or AbstractPreAuthenticatedProcessingFilter?
Some additional info:
I will be storing the identifiers in my own system together with additional data not in RPX.
My system will also contain "native" username/password users as I like to give users the option to sign in using a "native"/my application specific username or using an existing identief they use dailly (Google account, openid, twitter, Yahoo)