: [EMAIL PROTECTED]
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
Exactly my point, you can make the configuration method support a lot of
power but only require simple configuration.
Now, multiple config files could possibly confuse users, no doubt about
that. I don&#
Exactly my point, you can make the configuration method support a lot of
power but only require simple configuration.
Now, multiple config files could possibly confuse users, no doubt about
that. I don't think I'd like that. Good thing that configuration is
pluggable, so any kind of config is supp
On Wednesday, Nov 6, 2002, at 10:36 Europe/London, Rickard Öberg wrote:
Simon Stewart wrote:
On Wednesday, Nov 6, 2002, at 09:51 Europe/London, Rickard Öberg
wrote:
> The issue about actions.xml is verbosity, not being able to figure
out
> how to create it. Having a DTD doesn't change a thi
Simon Stewart wrote:
On Wednesday, Nov 6, 2002, at 09:51 Europe/London, Rickard Öberg wrote:
> The issue about actions.xml is verbosity, not being able to figure out
> how to create it. Having a DTD doesn't change a thing in this regard.
XDoclet, perhaps?
Sure, I mean, I use XDoclet to gener
On Wednesday, Nov 6, 2002, at 09:51 Europe/London, Rickard Öberg wrote:
The issue about actions.xml is verbosity, not being able to figure out
how to create it. Having a DTD doesn't change a thing in this regard.
XDoclet, perhaps?
/Rickard, who still uses views.properties
:)
Regards,
Simo
Patrick Lightbody wrote:
There is some validity here... if we have a nice DTD (documented as well)
and make most elements optional, then a newbie should be able to use
actions.xml just as easy (or more) as views.properties (maybe more-so,
since
there is less ambiguity).
The issue about actions.
e Day" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 8:41 PM
Subject: RE: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
> I don't think that complicating actions.xml is going to create problems
for
> new users. Adding
ehalf Of
Hani Suleiman
Sent: Monday, November 04, 2002 3:05 PM
To: [EMAIL PROTECTED]
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
Again, as if this hasn't been reiterated enough times. simplicity is
key. People like views.properties, why not keep them happy?
4:03 PM
To: [EMAIL PROTECTED]
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
> Again, as if this hasn't been reiterated enough times. simplicity is
> key. People like views.properties, why not keep them happy? It's like
> the propertytag debate.
Monday, November 04, 2002 1:27 PM
To: [EMAIL PROTECTED]
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
Patrick Lightbody wrote:
>http://radio.weblogs.com/0108886/2002/09/15.html
>
>
Sheesh, this looks like a usability nightmare. Have I not been clear on
m
lf Of
Hani Suleiman
Sent: Monday, November 04, 2002 10:42 AM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Webwork Security Requirements
No, because webwork is not supposed to be 'use this to solve all your
needs'.
It provides an important part of the overall solution. It's
> Again, as if this hasn't been reiterated enough times. simplicity is
> key. People like views.properties, why not keep them happy? It's like
> the propertytag debate. People like the idiosyncratic way it worked,
> why modify it just to enforce some arbitrary perception of correctness?
s/people/w
I'd also like to interject a comment - it's nice a good amount of traffic on the
list. Vive la webwork.
--Bill
Mike Cannon-Brookes wrote:
Can I inject some humour into this otherwise very boring, technical list for
the last few days - what the fuck is a frobnigator, and where can I buy one?
It'
"Bill Lynch" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 12:20 PM
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
> I agree with you and Maurice - keeping everything as simple as possible is
huge.
> However,
It's a widget, of course, produced by the FUGAZI dept of the FUBAR
corporation.
More clearly: it's a thing.
-
Joseph B. Ottinger [EMAIL PROTECTED]
http://enigmastation.comIT Consultant
On Tue, 5 Nov 2002,
o long,
since to me this issue seems like a total no-brainer. It's win-win for
everyone.
-Pat
- Original Message -
From: "Hani Suleiman" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 12:04 PM
Subject: Re: Configuration (was RE: [OS
I agree with you and Maurice - keeping everything as simple as possible is huge.
However, I think supporting 2 configuration options (XML vs properties) is
actually not simple and I think we should drop the properties file for 2.0. I
fail to see how the XML file is any more complex than the prop
Again, as if this hasn't been reiterated enough times. simplicity is
key. People like views.properties, why not keep them happy? It's like
the propertytag debate. People like the idiosyncratic way it worked,
why modify it just to enforce some arbitrary perception of correctness?
I really do lik
Sure, but is it all about what you can do and not about how? I certainly
see your point, but that calls into question why there are two mechanisms
at all, much less how the mechanisms are invoked. Why not have one
mechanism that does it all? (I know that while my vote doesn't count for
much in WW,
Joseph Ottinger wrote:
No, actually I see his point: We add a configuration option that tells
webwork how to configure views. That enables people like me, who are
addicted to the raw simplicity of views.properties, to be happy... while
it allows him to have his custom frobnigator that nobody ELS
No, actually I see his point: We add a configuration option that tells
webwork how to configure views. That enables people like me, who are
addicted to the raw simplicity of views.properties, to be happy... while
it allows him to have his custom frobnigator that nobody ELSE will ever
use or care ab
Joseph Ottinger wrote:
+1! Pat is a god! (He told me to say that so I'm blindly worshipping him.)
Actually... I still vote +1, and Pat's just another frood in
PsychoDelusionLand.
Well I say he's on something that's harming his short term memory. I
rail on how complicated the webwork.propert
Patrick Lightbody wrote:
No, it's the same problem that we had in the past (before
GenericDispatcher). The solution that was proposed is to use the
redirect.action (when I get it working that is). And for 1.3 I think that's
fine.
You lost me. What problem are you trying to solve? I had thou
ernal)
configuration architecture.
-Pat
- Original Message -
From: "Maurice Parker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 10:41 AM
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
>
>
>
inal Message -
> From: "Maurice Parker" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, November 04, 2002 10:41 AM
> Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
> Requirements)
>
>
> >
> >
> > Patrick Lig
Patrick Lightbody wrote:
As for parsing whether the result is an action or a view, it's not that it's
non-trivial, it's that it's impossible, since the user might want either
behavior!
It better not be impossible. All that GenericDispatcher code you added
tries to do that today, and require
---
From: "Maurice Parker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 10:26 AM
Subject: Re: Configuration (was RE: [OS-webwork] Webwork Security
Requirements)
>
>
> Patrick Lightbody wrote:
>
> >http://radio.weblogs.com/0108
02 12:24 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Webwork Security Requirements
Oh, good! I just thought two different ServletDispatchers would be nice
to offer flexibility, but maybe only one is needed. Either way, doing it
this way is nice also because internal actions are now not
Sent: Monday, November 04, 2002 12:24 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Webwork Security Requirements
Oh, good! I just thought two different ServletDispatchers would be nice
to offer flexibility, but maybe only one is needed. Either way, doing it
this way is nice also because int
er 04, 2002 9:30 AM
Subject: Configuration (was RE: [OS-webwork] Webwork Security Requirements)
> What are the current thoughts on moving to one form of configuration
> (i.e. getting rid of views.properties and just using actions.xml)?
>
> -Original Message-
> From: Patrick Lig
-webwork] Webwork Security Requirements
Oh, good! I just thought two different ServletDispatchers would be nice
to offer flexibility, but maybe only one is needed. Either way, doing it
this way is nice also because internal actions are now not exposed at
all. One of these days we might want to
e sense
in version 2.0.
-Pat
- Original Message -
From: "Maurice Parker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 04, 2002 9:17 AM
Subject: Re: [OS-webwork] Webwork Security Requirements
> This suggestion is virtually the same one that
This suggestion is virtually the same one that is in Jira right now.
Except the Jira suggestion doesn't include requiring separate dispatchers.
Patrick Lightbody wrote:
Why not just provide two ServletDispatchers? One that works the way
everything does now (but just reading views.properties) a
Why not just provide two ServletDispatchers? One that works the way
everything does now (but just reading views.properties) and another that
reads a mapping file that maps path to WebWork alias/action:
mapping.properties:
/secure/Foo.action=Foo
views.properties
Foo.action=Foo
This could be don
; option really the best practice you want to put out there
for Webwork for securing apps using J2EE declarative security?
Jason
-Original Message-
From: Maurice Parker [mailto:maurice.parker@;pmic.com]
Sent: Monday, November 04, 2002 11:22 AM
To: [EMAIL PROTECTED]
Subje
Jason Carreira wrote:
- (on viruswall)
email-body was scanned and no virus found
-
I guess that's possible, but it's not
I guess that's possible, but it's not really the point. J2EE provides
declarative security that works well enough, and that's what we're
using. I can tell you now that if Webwork can't support J2EE declarative
security, I won't be able to get it in here, and I'm sure there are a
lot of other shops
Well, servlet filters are by definition tied to servlets, so ... it may be
possible to write a generic 'filter' that tests some abstract concept of
security, and then the servlet filter would leverage that. Since WW does
include view-specific implementations of things (WebworkVelocityServlet,
JSP t
No, because webwork is not supposed to be 'use this to solve all your needs'.
It provides an important part of the overall solution. It's trivial to slap on
a security system on top of it, and webwork doesn't need to be aware of it and
can function perfectly well within it. If there's such a str
boxed wrote:
Why can't you write a filter that reads a config file and checks the
incoming URL to see if it is requesting an action that you would like to
restrict access to? How does that solution not solve your problem?
Seems to me like this is asked for a lot, shouldn't a solution like
boxed wrote:
Why can't you write a filter that reads a config file and checks the
incoming URL to see if it is requesting an action that you would like to
restrict access to? How does that solution not solve your problem?
Seems to me like this is asked for a lot, shouldn't a solution like the o
> Why can't you write a filter that reads a config file and checks the
> incoming URL to see if it is requesting an action that you would like to
> restrict access to? How does that solution not solve your problem?
Seems to me like this is asked for a lot, shouldn't a solution like the one
you su
t: Re: [OS-webwork] Webwork Security Requirements
Guys,
Adding more junk to the Actions.xml is a sure way fire way to make
using WebWork more difficult. Do a comparison of our mapping file and
Struts and you will see what I'm talking about.
Jason, we've been over this repeatedly. Peo
[EMAIL PROTECTED]
Subject: Re: [OS-webwork] Webwork Security Requirements
This is Jira issue WW-53
(http://jira.opensymphony.com/secure/ViewIssue.jspa?key=WW-53). I have
stored the meatiest portions of this thread there so that we can
remember this stuff for a future release. Here's
-
From: Maurice C. Parker [mailto:maurice@;vineyardenterprise.com]
Sent: Friday, November 01, 2002 8:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [OS-webwork] Webwork Security Requirements
Guys,
Adding more junk to the Actions.xml is a sure way fire way to make
using WebWork more difficult. Do a
This is Jira issue WW-53
(http://jira.opensymphony.com/secure/ViewIssue.jspa?key=WW-53). I have
stored the meatiest portions of this thread there so that we can
remember this stuff for a future release. Here's my comment that I
attached in Jira:
Mike's last suggestion is much more palatable.
Actually - I'm not sure I agree.
Personally, I see the 'non path mapped' nature of WebWork actions as a flaw.
I haven't found one good use for them yet.
I would love to see something to stop actions from moving. I think the
configuration can be made very simple - it need not be as complex as Jaso
Guys,
Adding more junk to the Actions.xml is a sure way fire way to make
using WebWork more difficult. Do a comparison of our mapping file and
Struts and you will see what I'm talking about.
Jason, we've been over this repeatedly. People on the list have given
you many helpful suggestions to
Jason,
I agree. I believe that configuration in WebWork is one area of improvement
that should be addressed in the next version. I'll jot up some ideas I've
had as well as yours. Maybe if we get a Wiki set up soon we can drop stuff
there.
-Pat
- Original Message -
From: "Jason Carreira" <
49 matches
Mail list logo
