Has anyone had any real success in seamlessly propagating a Spring Security context using Spring Remoting (HttpInvoker) and a RemoteAuthenticationManager?
I'm really frustrated that support in Spring seems very limited when it comes to dealing with RemoteAuthenticationExceptions. When dealing with local AuthenticationExceptions, everything works right out of the box.
For example...When I use Remoting, any AuthenticationExceptions are converted to RemoteAuthenticationExceptions by the server application before responding to the client. This is where the pain begins. In a Spring MVC application, rather than recognising a RemoteAuthenticationException, it just falls over with a stack trace. Spring MVC only seems to deal properly with standard AuthenticationExceptions that would be thrown locally to the webapp.
Why can't Spring properly support remote security so that I can get the same behaviour with remoting as I would if my security manager was local to my web app?
Is there some other way I can support remote security without using HttpInvoker context propagation?
Some insight would be much appreciated...
Thanks,
Andrew