Chris Nokleberg wrote:
On Tue, Dec 31, 2002 at 10:21:21AM +0100, Rickard Öberg wrote:

Patrick Lightbody wrote:

Yeah, doesn't yet, but the plan is to add that in soon. Tonight I'll make
the code quicker and then start incorporating Rickards ideas.
Well, since this is looking more and more like a lightweight version of my AOP framework I can do the interceptor/XML fixes myself, if that's ok with you.

I think it would be more useful if instead of applying directly to
actions, the filters/interceptors applied to paths (URLs). The paths
could support wildcards, either Servlet-style or a more complete regexp
style. e.g.

  define secure = persist, security, execute
  define open = standard - security
  map /* = open
  map /admin/* = secure

(but probably in xml)

There would need to be some thought about how to combine stacks of
interceptors, path matching precedence, etc. This is probably best done
in conjuction with nailing down actions to specific paths.
The problem is that people will then start naming their pages in order to make it easy to apply filters. And that's bad. URL's should not reveal the underlying technology, and should be as long-lived as possible. Also imagine if you have a page that is initially unsecured, but after a while you see that it needs to be secured. Will you then add its path to the configuration or move it to /secure? Probably the latter, and you then broke all bookmarks to it.

Nah, there's gotta be a better way.

/Rickard

--
Rickard Öberg
[EMAIL PROTECTED]
Senselogic

Got blog? I do. http://dreambean.com



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork

Reply via email to