Acegi can't surpport the concepts:role & usergroup?

[satitan]

I am a freshman at Acegi ,I want to know if Acegi can surpport the concepts:role & usergroup. if Acegi can,how to do with it? bye

[RayKrueger]

Simply put, Acegi supports the idea of a Principal and Roles.

For example...
You can provide an AuthenticationDoa implementation that implements the loadByUsername(String username) method in a way that aggregates the users roles from groups.

Basically...
loadByUsername(String username) is called
You look up a "User" by the username"
Get the GrantedAuthorities (roles) for that User
Get the groups the user belongs to
Aggregate the roles granted to all the groups the user belongs to
Combine the roles granted to the user, with the roles granted to the groups
(mash 'em into a set to eliminate duplicates for example)

Then return a UserDetails object.
You can return a new net.sf.acegisecurity.providers.dao.User object if you'd like...

[satitan]

Thanks! Your reply is very userful to me. As a newbie I want to get some example of this article, can you help me?

[Ben Alex]

It's just a custom AuthenticationDao implementation. If you just have a think about your table schema to reflect groups, it's easy to iterate over each group and add its corresponding roles to the UserDetails you need to return.