DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42952>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42952 ------- Additional Comments From [EMAIL PROTECTED] 2007-08-05 15:19 ------- another attempt: svn co https://svn.apache.org/repos/asf/lenya/sandbox/newPolicyAuth \ lenya-newPolicyAuth some classes had to be shuffled around, which does not translate well into a patch, hence the branch. andreas, i've tried the pseudo-usecase approach, please take a look. the new PolicyAuthorizer code is quite ugly - i had to drag it kicking and screaming, but i wanted a minimal, proof-of-concept approach. the more i play with it, the more i like the "everything is authorized as a usecase" idea. the two authorizers and the DefaultAccessController are not so nice, but it's never been a very beautiful piece of code imho... if we adopt this approach, policyauthorizer should go for good and the usecaseauthorizer modified to not grant by default if no ?lenya.usecase is given, but to check ?lenya.usecase=ac.visit instead. btw, you can actually call ?lenya.usecase=ac.visit, and it will do what you expect :) not that anyone needs it, though. comments and reviews appreciated. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
