> Well, the proposal was just to not make the difference any > more. So indeed I proposed to make Cloud.getUser() to return > a UserContext, so you could simply feed it to the > check-methods of authorisation implementaiton without any trickery. > > We could also try backwards-compatibility with a new method > cloud.getUserContext() and so on. I won't object that, but > initially I'd be inclined to clean this stuff up, rather then > make it even woolier.
Agreed. I would favor that too. > > Yes, that's it. The 'int' represents the 'method'. There is a > long standing confusion about that term too (security > 'application' vs 'authenicate'), I don't know if it can be > solved. Perhaps we should opt for calling it 'application' > rigourously, the 'authenticate' attribute of cloud-tag being > deprcated and duplicated by a 'application' attribute. Or > perphaps the inverse? I think authenticate is clearer, especially in the cloud tag itself. <mm:cloud authenticate="..."> is better than <mm:cloud application="..."> What is an application? It's too vague. And of course all methods should then also refer to authenticate and not to application. Regards, Ronald. -----------------------Disclaimer------------------------- Dit bericht (met bijlagen) is met grote zorgvuldigheid samengesteld. Voor mogelijke onjuistheid en/of onvolledigheid van de hierin verstrekte informatie kan Kennisnet geen aansprakelijkheid aanvaarden, evenmin kunnen aan de inhoud van dit bericht (met bijlagen) rechten worden ontleend. De inhoud van dit bericht (met bijlagen) kan vertrouwelijke informatie bevatten en is uitsluitend bestemd voor de geadresseerde van dit bericht. Indien u niet de beoogde ontvanger van dit bericht bent, verzoekt Kennisnet u dit bericht te verwijderen, eventuele bijlagen niet te openen en wijst Kennisnet u op de onrechtmatigheid van het gebruiken, kopi�ren of verspreiden van de inhoud van dit bericht (met bijlagen). This message (with attachments) is given in good faith. Kennisnet cannot assume any responsibility for the accuracy or reliability of the information contained in this message (with attachments), nor shall the information be construed as constituting any obligation on the part of Kennisnet. The information contained in this message (with attachments) may be confidential or privileged and is only intended for the use of the named addressee. If you are not the intended recipient, you are requested by Kennisnet to delete this message (with attachments) without opening it and you are notified by Kennisnet that any disclosure, copying or distribution of the information contained in this message (with attachments) is strictly prohibited and unlawful. ---------------------------------------------------------- _______________________________________________ Developers mailing list [email protected] http://lists.mmbase.org/mailman/listinfo/developers
