No, we did not agree on the final design and the security stuff in Moqui is VERY different from what you implemented. In fact, I'd go so far to say that they have little in common, though they do share some of the same concepts (externalized references to artifacts, for example).
One major difference, for example, is inheritance of permission determined at run-time based on how artifacts refer to each other instead of where the artifacts are located (which IMO, as I've expressed before, has little use). -David On Sep 16, 2010, at 8:36 AM, Adrian Crum wrote: > This description of events isn't entirely true. > > David didn't reject Andrew's design, the community in general felt excluded > from the design process. David simply asked that we discuss the design before > code was committed. > > The security redesign was the outcome of that discussion. As far as I know, > David and I agreed on the final design, but interest in it fell off. I ended > up being the only person working on it. Since then, David has included the > security redesign in his new project. > > -Adrian > > On 9/16/2010 12:34 AM, Jacques Le Roux wrote: >> A 1st step would be to show a POC attached to Jira issue; explanation in >> comment, sufficient snippet of code to understand in patch. When I work >> on such I try to use the Example component to avoid any bad side >> effects; ie Example is a kind of sandbox, nobody will jump to your >> throat if you make a little mistake. Anyway you would not be the 1st >> responsible, as a commiter would have to review and commit before it get >> into core. >> >> In one word, show us the case. >> >> It's also good to know that 1st Andrew (Zeneski) tried something on this >> (authentication et especially authorization), David "rejected" it, then >> Adrian and David tried to work together but finally did not agree. So >> there is still an executioncontext branch but it seems almost dead. I'm >> maybe not totally right about this, but at least it's how I see it. >> >> Thanks >> >> Jacques >> >> From: "james_sg" <[email protected]> >>> How can i help on this? >>> >>> - james >>> >>> >>> Jacques Le Roux wrote: >>>> >>>> Looks more like a revolution IMO (ie a branch ;), want to be involved? >>>> >>>> Jacques >>>> >>>> From: "james_sg" <[email protected]> >>>>> Thanks for looking. Moving to Apache Shiro should be an evolution .... >>>>> >>>>> James >>>>> >>>>> >>>>> Jacques Le Roux wrote: >>>>>> >>>>>> Interesting... >>>>>> >>>>>> Thanks >>>>>> >>>>>> Jacques >>>>>> >>>>>> From: "james_sg" <[email protected]> >>>>>>> Anyone look at Apache Shiro for OFBiz? I have used it in one of my >>>>>>> project >>>>>>> and am happy with it. Seems a nice fit for OFBiz. >>>>>>> >>>>>>> -james >>>>>>> >>>>>>> Adrian Crum wrote: >>>>>>>> >>>>>>>> Anyone wanting to give the security redesign a try is welcome to do >>>>>>>> so. >>>>>>>> The Example component is converted over to the new security design, >>>>>>>> but >>>>>>>> the rest of the applications still use the old-style security. >>>>>>>> >>>>>>>> One of the goals of the redesign was to have it work along side the >>>>>>>> old-style security - so OFBiz users can migrate over to the new >>>>>>>> design >>>>>>>> when time and resources permit. The notion that the redesign would >>>>>>>> have >>>>>>>> a big impact on existing installations isn't true. >>>>>>>> >>>>>>>> -Adrian >>>>>>>> >>>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> http://ofbiz.135035.n4.nabble.com/Security-refactor-tp2537069p2540207.html >>>>> >>>>> Sent from the OFBiz - Dev mailing list archive at Nabble.com. >>>>> >>>> >>>> >>>> >>> >>> -- >>> View this message in context: >>> http://ofbiz.135035.n4.nabble.com/Security-refactor-tp2537069p2541484.html >>> >>> Sent from the OFBiz - Dev mailing list archive at Nabble.com. >>> >> >> >>
