Hi Quinton,

On Mon, 6 Jan 2003 18:33, you wrote:
> Disclaimer:  I want to clearly state that I am just thinking out loud
> here.

... and diving head first into one of the longest standing issues in 
Turbine land -- the notorious Security Service.

> I think that Henning makes some great headway on this issue with his
> version of the security service.  With his version of the security
> service, the column names could change.

I agree that Henning's security service is a good intermediate solution 
until a new improved security service arrives.  It is the best solution 
I have seen that uses the current user, group, role and permission 
scheme.

> It could be taken a step
> further, possibly, to allow either primative or object types to be
> used as well.  This would eliminate most of the interface defined the
> User.

The idea of removing most of the methods of the security interfaces has 
been discussed many times on this list.  The archives will reveal a 
sordid tale.  I think the final conclusion was to use empty security 
interfaces and allow users to define there own custom security 
services, with a default implementation similar to the current security 
scheme (ie: user, group, role, permission).

> The access counter stored in the perm hashtable could simply be moved
> to its own column.

I agree that this should be moved to its own column or removed 
altogether.  An application that requires this could do it itself, 
rather than having Turbine do it.

> Persistent pull tools...  If it were not for backward compatibility,
> I would say drop support.

You could always start an online poll to find out how many people 
actually use the "persistent" scope.  I know I certainly don't use it.

Regards,

-- Rodney

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to