Hi Ken, The timing isn't perfect, but I see two really workable solutions:
One is to do you're project in Merb. The migration path from Merb to Rails 3 doesn't look any harder than from Rails 2 to Rails 3 (according to my magic 8 ball of course ;-) That way you've got you're MerbAuth and you're done. The second way is to go ahead and use RestfulAuth knowing that the password hashes are compatible (so you don't loose passwords between them) and that you will NOT be alone in trying to migrate down the road. Like I said neither is great, but the only thing you can plan for with certainty is that change will happen ;-) Rob On Mon, Feb 2, 2009 at 14:34, Ken Hudson <[email protected]>wrote: > Hi Matt, > Thanks for the response. > > Even if MerbAuth is an officially supported plugin for Rails3, I still > believe it will become the defacto standard. Therefore, I will still have > the same situation. If I choose restful_authentication, Authlogic or any > one of the other options currently available for my new project I will face > the prospect that at some point in the future that solution probably won't > be supported any more because people will transition to the MerbAuth/Rails3 > plugin. At that time I'll have to do some sort of disruptive migration from > whatever I choose now to the Rails3/MerbAuth solution or run the risk of > serious problems with my solution because of lack of support, deprecated > features, etc. I really hate to start a new project knowing full well that > down the road I'm going to have to completely gut the authentication (and > maybe authorization components) to adapt to a new defacto standard. If it > were any other part of the system maybe this would be OK but you don't > really want to mess with authentication and authorization in a production > system that (hopefully) will be used by 10's of thousands of people. I'm > just trying to figure out if there are any reasonable alternatives at this > point or if I'm just stuck. It's looking like I'm just stuck... I do think > this is a serious problem that everyone starting a new project from now > until the release of Rails3 will face, though. If there are any ways to > minimize the impact I'd certainly like to know what they are. > > Thanks and best regards, Ken > > > On Feb 2, 2009, at 2:13 PM, Matt Aimonetti wrote: > > I've heard MerbAuth will be part of Rails3. >> > > I don't think that will be the case, I would expect MerbAuth to be a plugin > for Rails (probably/maybe officially supported by the Rails team) > > You might want to check the new wiki for more info on Rails auth solutions: > http://newwiki.rubyonrails.org/ > > - Matt > > On Mon, Feb 2, 2009 at 11:22 AM, Ken Hudson <[email protected]> wrote: > >> Hi all, >> I'm starting a new rails project and I'm trying to decide what to use for >> authentication. Unless I decide to write it myself, I think I have two >> choices: restful_authentication or authlogic. Here's the dilemma: when >> Merb and Rails get folded together in Rails3 I've heard MerbAuth will >> be part of Rails3. I'm hoping my new application will be around >> for a long period of time and I'm not sure how to approach this. What >> approach do you all think would be best? >> >> Thanks! Ken >> >> >> > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby -~----------~----~----~----~------~----~------~--~---
