Announcement Announcement Module
No announcement yet.
Stop ACEGI from re-authenticating on every HTT Request Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stop ACEGI from re-authenticating on every HTT Request


    We are using ACEGI extensively, and doing various kinds of authentications, including jdbc, LDAP, and Single Sign-On. What I am looking for is a way to stop ACEGI from calling authenticate() for every request (which includes every Ajax call, etc.). Isn't there a way to tell ACEGI that if a valid Authentication token already exist in the session, it should just use it instead of requerrying everything (user from backend, check password, etc.)

    Thank you.

  • #2
    AbstractSecurityInterceptor has a property

    You can set the alwaysReauthenticate property to false on your security interceptor. Does that do the trick for you?


    • #3
      I forgot to mention that we are using version 0.7.0. I search the ACEGI source for 0.7, and I don't think this property exists.

      Any solutions for 0.7.0?

      Much appreciated.


      • #4
        Patching is one solution

        If you have the source to 0.7.0 then you can arguably build your own backported patch. Don't know how much effort it takes to upgrade in your environment. Working with a very old version might make it difficult to get the support you need.