--- Begin Message ---
Gregg Wonderly wrote:
On 8/9/2011 7:57 PM, Peter Firmstone wrote:
I'm interested, I've been thinking about this too, what's your
current service
interface?
The service interface is "the service interface". The mechanism just
uses a proxy, delegating object. Thus, if you currently have a
service object, you just create an instance of your security object,
passing in the service object, and then export the security object for
remote use.
That keeps you from having to support a "single" role model by having
that codified into your application. Instead, the service can be
deployed with an arbitrarily complex authorization implementation
making it quite flexible. You can even use Configuration to specify
the security implementation class.
Gregg Wonderly
So it implements the same interface as your service, but encapsulates it.
So how do you log in, how does it track users? I'm guessing it's got
something to do with associating threads.
Regards,
Peter.
--- End Message ---
