Andrew O'Brien wrote:
> On 5/22/07, Oliver Baltzer <[EMAIL PROTECTED]> wrote:
>> Radiant has built-in caching, one of Radiant's main features in fact.
>> With this caching being enabled it does not need to query the database
>> at all when a cached page is requested. This, however, is likely to
>> conflict with your plans of fine grained authorization.
> 
> Yeah, that has kept me from doing page caching in Rails in the past.
> One thought I'd had was to allow Radiant to do all the caching it
> wants and in embed product specific classes or href rel attributes.
> Then, post process the output (outside of Rails, probably using Apache
> mod_xslt) with a user specific XSLT (which would possibly be generated
> and cached by a GET request to a radiant extension that has a
> controller with a respond_to.xsl {} block) to add things like the name
> of the current user and remove information and turn off links to pages
> they don't have access to.
> 
> [...]
> 
> Also, I'm guessing this is way more complicated than most
> authorization schemes [...]

This would probably work but looks extremely messy. Ideally you would 
want to keep and maintain all your access control at the application 
level and make the application aware of it.

With respect to caching authenticated sessions I guess your best bet is 
some sort of session-based fragment cache. Currently Radiant only 
provides page level caching and identifying fragments and their 
dependencies is rather difficult at the moment. However, you might be 
able to create a variation on that: a page level cache that uses the URL 
and the user's credentials, i.e. roles or groups, to compute the hash 
under which a page is stored in the cache. This way you prevent 
non-authorized users to access cached sensitive information, while at 
the same time provide some caching for authorized users. The only 
problem with this approach is that you still cannot display the correct 
username on the page and you may have some overhead in memory 
requirements for caching

Maybe this generates ideas.

Oliver
_______________________________________________
Radiant mailing list
Post:   [email protected]
Search: http://radiantcms.org/mailing-list/search/
Site:   http://lists.radiantcms.org/mailman/listinfo/radiant

Reply via email to