> -----Original Message-----
> From: burtonator [mailto:[EMAIL PROTECTED]]
> Sent: Monday, June 12, 2000 10:38 PM
>
> Yes... Turbine doesn't support groups. I personally think it
> should but
> it was controversial so I haven't really pushed for it.
Well, I think Turbine is more developed with small scale installations
in mind and groups are not needed in most cases. That is also probably
the reason why it hasn't been implemented. Groups start to be useful
when you need a very complex permission system, usually in large-scale
deployments with big organizations.
> In a group/role situation security would always be applied with roles
> but you could organize groups. IE you could give the HR
> group access to the role "Admin"
So, which one overrides in the case of confilicting permissions? Roles
are overriding groups or vice versa? Or definable?
> Anything that supports roles is cool right. The only thing that we
> loose is that everything *must* be granular. That is OK, technically
> everything would still work.
Well, yes. I understand what you mean... but I just don't see a need for
such a system right now. Usually, in web apps, you have very flat
permission system.
However, when we start to implement shared portlets and other shared
stuff, then we definitely have a need for groups.
Neeme
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
