I will go ahead and commit the code tonight so you can see it... > -----Original Message----- > From: Humberto Hernandez Torres [mailto:[EMAIL PROTECTED] > Sent: Friday, December 05, 2003 8:09 PM > To: Turbine Users List > Subject: RE: hibernate security service... > > > I've had the idea of a JDBC Security Service for a while to > avoid depending > on Torque or Hibernate. I know that if don't implement it > myself it will > remain just an idea. > > I will certanly like to see what you are doing. > > -- > Hyumberto > > > -----Original Message----- > > From: Eric Pugh [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 05, 2003 11:52 AM > > To: 'Turbine Users List' > > Subject: RE: hibernate security service... > > > > > > You could very easily roll one.. A lot of my thinking on > > the Security > > Service came out of working and writing unit tests for OSWorkflow. > > OSWorkflow faces a similar challenge, how to provide multiple > > implementations for persisting data. There are > > jdbc,ojb,hibernate,memory,filestore,ofbiz, ejb etc implementations. > > > > The problem with the JDBC is that yes, while it is simpler to > > start with, > > and reduces jar numbers, etc, eventually someone comes up > > with problems with > > getting a jdbc transaction to participate in a larger > > transaction. Or they > > want caching. That is where using the Hibernate (or other ORM) > > implementation starts to payoff. > > > > I have been refactoring madly the security code based on > > seeing some best > > practices for writing merlin components. The current code > > base that I am > > going to give one last review to is composed of multiple > > projects that helps > > deliniate which dependencies are required. Currently they are: > > /api What the application sees. > > /spi Helper classes that > > implementations can leverage. Not yet a "true" > > SPI, but getting there. > > /mememory A memroy based implementation > > that gets you started quickly. > > Useful in unit testing or doing examples.. > > /hibernate A hibernate based > > implementation. The unit tests currently > > interact with a McKOI in memory database! > > /nt An NT based implementation. > > Looks user and group information up from > > NT. Note: you do need a username and password, it doesn't use > > anything like NTLM yet. > > /adapters/turbine An adapter for fooling Turbine 2.3 > > based security into > > delegating to the fulcrum security code. > > /adapters/opensymphony An adapter that lets OSUser > delegate calls for > > authentication to Fulcrum security. > > > > At this time I removed the Torque based code. It was completely un > > unittested, barely compiled, and not used. If there is a > > demand for it, > > then we can add it back in as another project /torque. > > Additionally, if > > someone would like to provide a jdbc implementation, that > > would be great. > > Look at the OSUser jdbc implementation for ideas. > > > > Additionally, in terms of models I have working are: > > > > Dynamic Users in groups with roles and > > permissions > > Basic Users in groups > > Turbine Extends Dynamic, adding extra > > functionality like isAnonymousUser > > and getGlobalGroup. Otherwise the same as Dynamic. > > > > Humberto, since you had the best explanation of the Turbine > > security model, > > once I get the code checked in, I would appreciate it if you > > could review > > how it works for me. > > > > Sincerely, > > Eric Pugh > > > > > -----Original Message----- > > > From: Humberto Hernandez Torres [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, November 26, 2003 6:43 PM > > > To: Turbine Users List > > > Subject: RE: hibernate security service... > > > > > > > > > I am of the idea, that we should have a generic JDBC Security > > > Service that > > > runs directly on top of JDBC and is independent of Torque or > > > Hibernate. It > > > just seems simpler. > > > -- > > > Humberto > > > > > > > -----Original Message----- > > > > From: Eric Pugh [mailto:[EMAIL PROTECTED] > > > > Sent: Tuesday, November 25, 2003 1:02 PM > > > > To: 'Turbine Users List' > > > > Subject: RE: hibernate security service... > > > > > > > > > > > > Gerardo, > > > > > > > > there is a bunch coming.. While the current hibernate > > > > service works well, I > > > > am in the process of refactoring the project to have: > > > > > > > > /api > > > > /hibernate > > > > /memory > > > > /adapters > > > > /turbine > > > > /opensymphony > > > > > > > > so that you don't get a big bunch of extra stuff. I am also > > > > adding a new > > > > model in called "groups" that basically allows you to put > > > > users in multiple > > > > groups, and groups in multiple groups. But no "roles" or > > > > "permissions". I > > > > will have a hibernate and memory implmentations of that. > > > > Look for it in > > > > about two weeks, as I am traveling a bunch.. > > > > Eric > > > > > > > > > -----Original Message----- > > > > > From: Gerardo Segura [mailto:[EMAIL PROTECTED] > > > > > Sent: Monday, November 24, 2003 6:11 PM > > > > > To: [EMAIL PROTECTED] > > > > > Subject: hibernate security service... > > > > > > > > > > > > > > > Hi > > > > > is there any security service based on hibernate? > > > > > Or any docs besides the 'Hibernate OM Howto' about > > > turbine-hibernate > > > > > stuff? <../howto/hibernate-howto.html> > > > > > > > > > > Gerardo > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > > [EMAIL PROTECTED] > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
