Acegi User object question

[viniciuscarvalho]

Hello! I know that acegi puts the User object on the session right? Well I'm using Tapestry in my application and so far everthing is ok, I even wrote a component to act just like the authorize tag.
My question now is, Tapestry put it's ASO (Application State Objects) into the session. I'd like to have my User Object registred as an ASO as well, but I need the name that Acegi puts it on the session, is it the full class name?
Another question is, could someone point me how to extend the user object, I mean point to another table. My user needs more info than username,pwd,active flag. I've tried it before overrinding the SQL but did not work, does my User Object must extend the Acegi's User Object?

Regards

Vinicius

[Ben Alex]

User is an implementation of UserDetails. Acegi Security's AuthenticationDao interface (which is what you'll be using with the commonly-used DaoAuthenticationProvider) only requires a UserDetails, so you can implement that interface on any of your classes. Generally you'd write a custom AuthenticationDao and that's how to return a custom UserDetails.

In terms of the key used in the HttpSession, see net.sf.acegisecurity.context.HttpSessionContextInt egrationFilter.ACEGI_SECURITY_CONTEXT_KEY.