Hi. I'm currently looking at Acegi security framework. No doubt, it is complicated but there is something I don't know how to do it. After a successful authentication, Acegi store some kind of information in the session scope (it uses a predefined filters). What if I want also to store some kind of information after a successful authentication ?
You will have to implement your own UserDetailsService. The UserDetailsService is used by Acegi to build the Authentication object, which contains the principal (this can be any object, but you will have to create a UserDetails Object). You will define the userdetailsservice as follows in your spring configuration (i've only worked with acegi on spring).
I haven't implemented this myself though.
Alternatively, it is also possible to use the setContext() method of the SecurityContextHolder. The SecurityContext object can be set to hold an Authentication object. Although, you would want to do this once (at login). [ April 11, 2007: Message edited by: Abhi Vuyyuru ]