Hi,

I have two questions:

1) I have a web page that allows a user to select a user, class of object, an object, and the permissions of the user on the object which is then stored into the four tables provided by Spring Security ACL. My question is as follows:

Whenever for the first time an entry is inserted into the tables, the current logged in user's username is also added into the acl_sid table. I guess this comes from SecurityContextHolder. I would like to have the userId and not the username of the logged in user. Is this possible?

2) I am using @Postfilter. How can I support the authentication of a user with a userId and not username in AclPermissionEvaluator when using hasPermission method.

Thanks