----- Original Message ----
> From: Charlie Garrison <[email protected]>
> I'd really like to get more info on that.
> Looking at all the actions for my app in the debug output on startup, I can
> see
> lots of private and chained actions for AutoCRUD, and they are all under the
> /autocrud path. What part of AutoCRUD is accessed outside the /autocrud
> path?
> AutoCRUD is very nice convenience, but it's not so nice to warrant
> running a separate app for it. To me, *having* to run a separate app
> indicates a
> design flaw. And if that's the case then I need to look at alternate
> solutions.
> (Note, I'm not against server-level auth, and I use it for other things
> outside
> my app, but within the app.....)
I can't answer these questions. I can only refer you to the rt queue discussion:
https://rt.cpan.org/Ticket/Display.html?id=55742
I didn't see creating a separate app and securing it at the server level as
being a big deal (for me, your mileage may vary). It seemed easy enough that I
wasn't terribly inclined to look further at potential security holes by
integrating AutoCRUD directly (I'm very concerned about security for this app
and if I see an easy route to better security, I'm going to take it). If you
want "all or nothing" AutoCRUD, this may not be an issue. If you desperately
need fine-grained control, it could be complicated. Again, see the RT
discussion.
Cheers,
Ovid
--
Buy the book - http://www.oreilly.com/catalog/perlhks/
Tech blog - http://blogs.perl.org/users/ovid/
Twitter - http://twitter.com/OvidPerl
Official Perl 6 Wiki - http://www.perlfoundation.org/perl6
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
