I am new to Acegi and am trying to get it working for my application, which is a SWT thick client talking to Business Methods in Tomcat (via Hessian).
I have it mostly working but I have the following hangup: when I try to authenticate a user with bad credentials (ie, bad password), I get a HessianProtocolException:
org.springframework.remoting.RemoteAccessException : Cannot access Hessian service at [http://localhost:8081/GraceWeb/Remote/SampleManager]; nested exception is com.caucho.hessian.io.HessianProtocolException: etc...
This is not what I would expect. I would expect a BadCredentialsException, I guess.
When I have a user who doesn't have enough privileges to call a certain method (but has a correct u/p), I get a lovely:
net.sf.acegisecurity.AccessDeniedException: Access is denied.
as I would expect.
Why am I getting the HessianProtocolException instead of the BadCredentialsException in the first scenario? I can provide config info if necessary.
Btw: excellent work, Ben! This is so much better than trying to get security working with JBoss (where I am migrating from). I never could get it to work because the docs were so sparse and there were no examples. But Acegi is much more usable.