Hi all, After using the current hibernate backed implementation of Fulcrum Security, I have come to two conclusions...
1) What I call Simple Security is definitly not Simple.. The combination of roles to groups, roles to permissions, and groups to users means that while very flexible, it is also relatively complex. The only thing it doesn't have is groups to groups! So, I would like to rename it to something else.. 2) The "Model" needs to be explicitly captured in an object. Right now, when you want to perform grants between relationships, you have to cast the UserManager to a SimpleUserManager. Or a TurbineUserManager etc.. and this still doesn't really do a good job of caputuring other concepts like the "Global" group in the turbine model... Instead, what I would like to do is load up another component called SecurityModel. Then this is casted to what ever model you would like. The various user/group/role/permission managers still focus on dealing with whatever entity it is they manage. However, the SimpleGroupManager/SimpleRoleManager/SimplePermissionManager would be removed in favor of a SimpleSecurityModel that would deal with all granting/revokeing of relationships. Of course the underlying entities for the model would still need to support and understand the relationships. But instead of having 3 different Simpler*Manager, you have a single SimpleSecurityModel instead. Additionally, over time we could add methods to the SecurityModel like supportsPermissions() or supportsGroup() if the environment needed to make decisions based on which model was being used. Oh, I think I am also going to go ahead and try and implement an ACL oriented approach to security as well. Eric --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
