> > Um, I couldn't disagree more.  The current Turbine security model is
> > limited in many aspects.
> 
> I didn't say it wasn't limited. I said that it is a pretty 
> functional system
> for webapps. Scarab (a very very complex webapp) uses it and it is fine.

What I personally don't like about the current model is:

* It is specifically tailored to Internet webapps.
* It is hard to adapt to different "back-end" security systems (NT,
  LDAP, whatever).
* It provides ONE way of creating relationships between users and
  permissions, through roles and groups; what if I want to use
  a different set of relationships?

I think we need a pluggable (or "skinabble", to be in fashion) system
that allows to use Turbine's current model, but that it also makes it
easy for developers to switch to a totally different model.  And, if
possible, with a default implementation that doesn't require a DB.

> -jon


-- 
Gonzalo A. Diethelm
[EMAIL PROTECTED]


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to