Antonio Gallardo wrote:

Hi Vadim:

Vadim Gritsenko dijo:

In the mean time (before integration of xscript and session-fw), the
best way is to create separate session-fw logicsheet. The reason is that
session logicsheet is completely different thing and is not related to
the session-fw.

Vadim

It's OK. But what we can do now? Let me explain:

I wrote the <xsp-session-getxml> tag because I needed a way to separate
permisions for every page that a user request. Then I created some
"groups" of people. Inside every page I check for this permission to
decide if the user has the right or not to see the page. Currently I am
managing 8 groups of permissions.

The user permissions are loaded when you sucessfully login into the
system. Then the groups of each user lives inside the session of the user.

I made it in this form because I wanted to not request the database of
users every time I need to check a user's permission.

----------------------------
As you can see the tag was done more to interface the authentication-fw
than the session-fw.
----------------------------
Also it seems to be quite stable. My application currently has 45 users in
a LAN. Every day the tag checks hundreds of authentication permissions of
the users and everything works fine.

I agree with you that there must be a better interface to all this stuff,
but currently there is the only way to do that with XSP.

I thinked that I can do the same functionality using an action.

In your situation, I would prefer to do permission check in the sitemap by invoking some action instead of putting it into the page. This will allow me to have clean pages without permissions, and whole permission checking logic in one place - action, and managed from another place - sitemap. To me this is better separation, then mixing everything (content, and auth configuration) in the page.

But in any case it is valuable to have session-fw and/or authentication-fw logicsheets to be used from XSP.

Vadim


I will be glad if you (gurus) can comment about this. :-D

Regards,

Antonio Gallardo.



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]

Reply via email to