Jul 11th, 2007, 12:19 PM
Thanks all of you who read and give answers to this thread. Finally, I change to use Tomcat JDBCRealm for authentication and authorization. It is quite simple and meet my requirement, which is form based and keeping the user name and encrypted password in the database.
Maybe in the future, another project will require Acegi and I will remember to expose login page to anonymous (not try if it works because of busy ).
BTW, what are the advantages of using Acegi instead of Tomcat JDBCRealm except keeping the project independent from specific server?
Jul 11th, 2007, 06:07 PM
Please make an effort to use other resources before posting so we can keep the noise ration down in the forum. E.g. entering "acegi faq" in google returns that page as the first match.
Originally Posted by JuliusIT
knightEric: The website has a list of features, links to articles and the reference manual. Please read these to find out what is available and why you might want to use it. In short, if you have no need for any customization of the authentication process and you have all the functionality you need in standard J2EE security then use that. However, if you need to alter the behaviour then your options are pretty limited.