Hi Everyone,
My question is about _replacing_ the existing TurbineUser and associated
security classes and would like to know of any caveats that I might not
be aware of. First, a little background on the project:
My company is currently using Turbine (v2.2-b3) to develop a new
application for our clients. Had a look under the hood and have decided
that for our purposes we will have to replace the existing TurbineUser
security model. The primary reason is that we already have an existing
security model for our current application and we do not want to
maintain 2 sets of security models (Turbine's and the existing one). In
addition we have a different relationship which is not _exactly_ the
same as turbine's (described below):
We have 'C' number of clients, who each have 'A' number of accounts.
Each of our clients might have 'U' number of users, each with their own
roles ('R'). Given this relationship, it was difficult to fit back into
Turbine's existing User-Group-Role, as the client relationship would
have been lost (given that Account ~= Group).
The solution at this stage is to not use any of the turbine_* tables,
and use our own tables instead. This means that I will have to be
providing classes for turbine to use which will work with our tables.
Sifting through the documentation and source code for Turbine I think to
provide our own security implementation, all we need do is provide
replacement classes for the following:
- TurbineUser
- TurbineUserPeer
- DbUserManager
- DBSecurityService
So, to re-iterate, has anyone successfully replaced the security model
in turbine, and what dangers should I be aware of?
PS. Had a look at the LDAP* replacement implementation and is a good
guideline, but I'm also using a slightly different model (client).
Thanks in advance,
--
R E D S H E R I F F
C.P. Lim - Software Engineer
Level 1, 10 Queens Road +61 3 9864 0733 tel
Melbourne VIC +61 3 9864 0778 fax
Australia +61 413 781 846 mob
This message and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you are not the intended recipient, you are hereby
notified that any use or dissemination of this communication is strictly
prohibited. If you have received this message in error please notify us
immediately by return email or telephone +61 (3) 9659 0432, then delete
this message. Any views expressed in this message are those of the
individual sender and many not necessarily reflect the views of Red Sheriff.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
