There are a lot of us just waiting for the annotation part of swarm I
think.. Then I'll switch to swarm.. And when it gets adopted by wicket,
well theres gonna be a lot more users...
RUMikeP wrote:
My ZAR0.02 worth (a lot less than $0.02 ;-)
I have to be honest, that initially I was also a bit confused, but once you
take half an hour to work though it, it is REALLY powerful and customisable.
It you are building an application end-to-end from scratch, and are using
Wicket for the UI, it may be tempting to build in the security concepts in
the UI. However, larger corporates generally have a mix legacy and newer
security mechanisms that one needs to integrate with, and (maybe it is just
the projects that I need to implement, but) generally the Wicket UI is
designed to sit on top of an existing backend. Therefore, you can almost
guarantee that you will need to authenticate against some external system,
obtain a list of groups and or roles granted to that user and then map those
groups/roles to permissions to perform certain actions on the UI layer.
Swarm fulfils this role perfectly in our situation, and the fact that it is
decoupled from the core Wicket UI code, provides a high level of comfort
that we could replace the Swarm implementation with a different custom
implementation if necessary without a major rework of the UI code.
I have made use of Swarm out-of-the-box except for creating a
PolicyDatabaseHiveFactory to read in the role-to-permission mappings from a
database table. It would be just as simple to create a Policy Hive Factory
that builds up the mapping in Java code rather than reading it from a
properties file or database table, i.e. by creating your own implementation
of one class, it gives you a security implementation based on your
preference for where the mapping is stored/implemented.
I am not saying it is a perfect fit for everyone, but I do believe that the
Wicket Community needs to more actively promote the use of Swarm (where
appropriate) and I really would like to see more people using it so that
there is a larger pool of knowledgeable resources to assist and guide newer
users (especially since there is a plan to make it part of core in 1.5)
Mike
Mr Mean wrote:
On Mon, Jul 7, 2008 at 6:01 PM, Guðmundur Bjarni Ólafsson
<[EMAIL PROTECTED]> wrote:
On Mon, Jul 7, 2008 at 5:50 PM, James Carman <[EMAIL PROTECTED]>
wrote:
I'm not trying to flame here or anything, but from what I've read of
Swarm/Wasp, it's quite complicated and that would go against the
spirit of Wicket, IMHO. Also, it uses external files for
configuration. Again, this goes against the spirit of Wicket.
Perhaps if there were a programmatic way of configuring everything?
Again, I've never used it, but I've seen responses on the lists about
how to do things and it just scared me away from it. That's just my
$0.02. To be fair, maybe I should play with it a bit to see it for
myself, but I haven't had the cycles. Sorry.
I cooked up a small API that does just this. Simply put, it's just an
implementation of a HiveFactory which acts as a Builder. I plan to
publish
some time in the near future but there are several small issues that I'd
like to solve first.
Right now the usage of the API looks like this:
BuilderHiveFactory hiveFactory = new BuilderHiveFactory();
Principal principal = new SimplePrincipal("whatever");
Set<Class<? extends WaspAction>> actions = ...;
actions.add(Inherit.class);
actions.add(Render.class);
actions.add(Enable.class);
hiveFactory.addComponentPermission(principal, MySecurePage.class,
actions);
I would love to get your thoughts and input on this kind of HiveFactory.
Sounds like a usable contribution :)
The whole idea of the Wasp and Swarm for that matter is that if you
don't like a part of it you easily implement it yourself.
Configuration of all the permissions is only a first step.
Even i don't use the default policy file reader, we do use policy
files but i added some extra scripting support (haven't decided yet if
it something that is really re-usable by others).
So if anyone has anything that he/she thinks is reusable, just let me
know.
Maurice
regards,
Guðmundur Bjarni
--
-Wicket for love
Nino Martinez Wael
Java Specialist @ Jayway DK
http://www.jayway.dk
+45 2936 7684
