I was trying to use only the web secirity part of acegi and I was able to trim off the security xml in the contacts sample quite a bit and had it running (including the HTTPS redirection etc). So far so good! Only wish that acegi could provide a facade class that would hide all the deeply nested bean wiring from users and aggregate the 4 or 5 filters into an easily configured one .
Suppose I have a page that requires a logon user. A previous page POSTs to this member only page and the request is intercepted by the security filters. Once the user is authenticated, is it possible that the filter could replay the original POST - not just the url, also the data in the POST stream - to the secured page?
I don't want to force my users to retype in the information in the posting page.
Thanks for the excellent library, which bears much similarity to Spring: it simply works!