For what's it's worth, I think this is a great idea. -Peter
----- Original Message ----- From: "Dan Diephouse" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 04, 2002 5:40 PM Subject: Security Question > I do not want to start a debate or a huge long discussion about security > here. I know there are a lot of issues about how it should be > implemented. I have a simple question that has been on my mand recently > :) This may be what some people have in mind already, I don't know. > > Would it be viable to seperate all the security stuff out of RunData and > T3? Here's what I'm thinking. Lets totally seperate out security from > T3 so no one is forced to use ANY preset interfaces, classes, etc for > security. Then if people want to use the current mechanism they can use > the fulcrum service, the corresponding valves, and a new SecureRunData > implementation (which would contain the methods getUser(), getACL(), > etc.). But, if I don't want to use Fulcrum's service than I can > implement my own valves, my own RunData implementation, and my own > security classes (User, Group, whatever...) A lot of the hard stuff has > been done to totally seperate out security from T3. Kudos to everyone > involved in that! > > Everyone here has different needs. No one is going to agree anytime > soon. If we seperated security from T3 then hopefully we can get a > bunch of different security implementations and then go from there. > Maybe something will come out of it for version 3.1 or 4.0. > > ~Dan Diephouse > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
