Re: framework release, icky internal dep

Wed, 19 Nov 2008 20:37:47 -0800 


On Nov 19, 2008, at 11:31 PM, Adrian Crum wrote:


From: David E Jones <[EMAIL PROTECTED]>
Subject: Re: framework release, icky internal dep
To: dev@ofbiz.apache.org
Date: Wednesday, November 19, 2008, 8:23 PM
On Nov 19, 2008, at 11:17 PM, Adrian Crum wrote:


--- On Wed, 11/19/08, David E Jones

<[EMAIL PROTECTED]> wrote:



From: David E Jones

<[EMAIL PROTECTED]>

Subject: Re: framework release, icky internal dep
To: dev@ofbiz.apache.org
Date: Wednesday, November 19, 2008, 7:57 PM
We should probably just move the admin account

data (the

parts that are framework specific, ie the partyId

and such

should stay higher level) to the common component

or

something.

In real life though, this is only useful for

demonstration

and technically no "admin" account

should ever

exist, only accounts for specific individuals.

This is a

good general practice and necessary for things

like PCI

compliance.



Seriously? If you have a framework-only installation,

how would you log in to the framework without at least one
user login? Even operating systems give you one login to
start off with.

That may be true of operating systems in days of yore, but
these days the generally accepted practice is for NO ONE to
use the root account, except perhaps for low-level system
maintenance, and instead use "sudoers" and other
similar concepts, ie users that have administrative
privileges. I think it's for the same reason as used in
PCI stuff, namely funny words like "traceability"
and "auditability" and "analenablement"
(note: one of those three is a joke ;) ).
So, if I install a modern operating system, I have no way to log in and create users?
Sure there's a way... creating users has been a part of every OS install I've used in recent memory (Linux, OSX, and Windows).
I think there's some confusion here. Here's what you're describing (from my perspective) - I install the OFBiz framework. I want to set up users for the framework. Oops, there is no way to log in to do that. I'm locked out. I can't use the framework.
Operating systems provide the root account so you can create user accounts. Why can't OFBiz do the same?
Settle down. I didn't say it couldn't I said it shouldn't. You should use individual user accounts with admin permissions to create new accounts, except the bootstrap account during installation (which is usually done through pre-loaded data in OFBiz right now). 

-David

Reply via email to