For what's it's worth, I think this is a great idea.

-Peter

----- Original Message ----- 
From: "Dan Diephouse" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 04, 2002 5:40 PM
Subject: Security Question


> I do not want to start a debate or a huge long discussion about security 
> here.  I know there are a lot of issues about how it should be 
> implemented.  I have a simple question that has been on my mand recently 
> :)  This may be what some people have in mind already, I don't know.
> 
> Would it be viable to seperate all the security stuff out of RunData and 
> T3?  Here's what I'm thinking.  Lets totally seperate out security from 
> T3 so no one is forced to use ANY preset interfaces, classes, etc for 
> security.  Then if people want to use the current mechanism they can use 
> the fulcrum service, the corresponding valves, and a new SecureRunData 
> implementation (which would contain the methods getUser(), getACL(), 
> etc.).  But, if I don't want to use Fulcrum's service than I can 
> implement my own valves, my own RunData implementation, and my own 
> security classes (User, Group, whatever...)  A lot of the hard stuff has 
> been done to totally seperate out security from T3.  Kudos to everyone 
> involved in that!  
> 
> Everyone here has different needs.  No one is going to agree anytime 
> soon.  If we seperated security from T3 then hopefully we can get a 
> bunch of different security implementations and then go from there. 
>  Maybe something will come out of it for version 3.1 or 4.0.
> 
> ~Dan Diephouse
> 
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
> 


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to