The code is committed. However, due to maven reactor leaking memory, I couldn't update the site yet. So download the code from cvs and run the build. As soon as I can figure out how to get the multiproject site build to work, I'll update it.. (I think I need to remove some of the reports).
At any rate, if you have a problem building, please let me know... Eric > -----Original Message----- > From: Eric Pugh [mailto:[EMAIL PROTECTED] > Sent: Friday, December 05, 2003 8:52 PM > To: 'Turbine Users List' > Subject: RE: hibernate security service... > > > I will go ahead and commit the code tonight so you can see it... > > > -----Original Message----- > > From: Humberto Hernandez Torres [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 05, 2003 8:09 PM > > To: Turbine Users List > > Subject: RE: hibernate security service... > > > > > > I've had the idea of a JDBC Security Service for a while to > > avoid depending > > on Torque or Hibernate. I know that if don't implement it > > myself it will > > remain just an idea. > > > > I will certanly like to see what you are doing. > > > > -- > > Hyumberto > > > > > -----Original Message----- > > > From: Eric Pugh [mailto:[EMAIL PROTECTED] > > > Sent: Friday, December 05, 2003 11:52 AM > > > To: 'Turbine Users List' > > > Subject: RE: hibernate security service... > > > > > > > > > You could very easily roll one.. A lot of my thinking on > > > the Security > > > Service came out of working and writing unit tests for OSWorkflow. > > > OSWorkflow faces a similar challenge, how to provide multiple > > > implementations for persisting data. There are > > > jdbc,ojb,hibernate,memory,filestore,ofbiz, ejb etc > implementations. > > > > > > The problem with the JDBC is that yes, while it is simpler to > > > start with, > > > and reduces jar numbers, etc, eventually someone comes up > > > with problems with > > > getting a jdbc transaction to participate in a larger > > > transaction. Or they > > > want caching. That is where using the Hibernate (or other ORM) > > > implementation starts to payoff. > > > > > > I have been refactoring madly the security code based on > > > seeing some best > > > practices for writing merlin components. The current code > > > base that I am > > > going to give one last review to is composed of multiple > > > projects that helps > > > deliniate which dependencies are required. Currently they are: > > > /api What the application sees. > > > /spi Helper classes that > > > implementations can leverage. Not yet a "true" > > > SPI, but getting there. > > > /mememory A memroy based implementation > > > that gets you started quickly. > > > Useful in unit testing or doing examples.. > > > /hibernate A hibernate based > > > implementation. The unit tests currently > > > interact with a McKOI in memory database! > > > /nt An NT based implementation. > > > Looks user and group information up from > > > NT. Note: you do need a username and password, it doesn't use > > > anything like NTLM yet. > > > /adapters/turbine An adapter for fooling Turbine 2.3 > > > based security into > > > delegating to the fulcrum security code. > > > /adapters/opensymphony An adapter that lets OSUser > > delegate calls for > > > authentication to Fulcrum security. > > > > > > At this time I removed the Torque based code. It was > completely un > > > unittested, barely compiled, and not used. If there is a > > > demand for it, > > > then we can add it back in as another project /torque. > > > Additionally, if > > > someone would like to provide a jdbc implementation, that > > > would be great. > > > Look at the OSUser jdbc implementation for ideas. > > > > > > Additionally, in terms of models I have working are: > > > > > > Dynamic Users in groups with roles and > > > permissions > > > Basic Users in groups > > > Turbine Extends Dynamic, adding extra > > > functionality like isAnonymousUser > > > and getGlobalGroup. Otherwise the same as Dynamic. > > > > > > Humberto, since you had the best explanation of the Turbine > > > security model, > > > once I get the code checked in, I would appreciate it if you > > > could review > > > how it works for me. > > > > > > Sincerely, > > > Eric Pugh > > > > > > > -----Original Message----- > > > > From: Humberto Hernandez Torres [mailto:[EMAIL PROTECTED] > > > > Sent: Wednesday, November 26, 2003 6:43 PM > > > > To: Turbine Users List > > > > Subject: RE: hibernate security service... > > > > > > > > > > > > I am of the idea, that we should have a generic JDBC Security > > > > Service that > > > > runs directly on top of JDBC and is independent of Torque or > > > > Hibernate. It > > > > just seems simpler. > > > > -- > > > > Humberto > > > > > > > > > -----Original Message----- > > > > > From: Eric Pugh [mailto:[EMAIL PROTECTED] > > > > > Sent: Tuesday, November 25, 2003 1:02 PM > > > > > To: 'Turbine Users List' > > > > > Subject: RE: hibernate security service... > > > > > > > > > > > > > > > Gerardo, > > > > > > > > > > there is a bunch coming.. While the current hibernate > > > > > service works well, I > > > > > am in the process of refactoring the project to have: > > > > > > > > > > /api > > > > > /hibernate > > > > > /memory > > > > > /adapters > > > > > /turbine > > > > > /opensymphony > > > > > > > > > > so that you don't get a big bunch of extra stuff. I am also > > > > > adding a new > > > > > model in called "groups" that basically allows you to put > > > > > users in multiple > > > > > groups, and groups in multiple groups. But no "roles" or > > > > > "permissions". I > > > > > will have a hibernate and memory implmentations of that. > > > > > Look for it in > > > > > about two weeks, as I am traveling a bunch.. > > > > > Eric > > > > > > > > > > > -----Original Message----- > > > > > > From: Gerardo Segura [mailto:[EMAIL PROTECTED] > > > > > > Sent: Monday, November 24, 2003 6:11 PM > > > > > > To: [EMAIL PROTECTED] > > > > > > Subject: hibernate security service... > > > > > > > > > > > > > > > > > > Hi > > > > > > is there any security service based on hibernate? > > > > > > Or any docs besides the 'Hibernate OM Howto' about > > > > turbine-hibernate > > > > > > stuff? <../howto/hibernate-howto.html> > > > > > > > > > > > > Gerardo > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > > To unsubscribe, e-mail: > > > > [EMAIL PROTECTED] > > > > > > For additional commands, e-mail: > > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > > > For additional commands, e-mail: > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > > [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
