Chris Naidoo wrote: > > 1. Is the basic current security model going to be significantly reworked? The >reason I ask is that I am > curently looking at using Turbine security in our latest project. However, if things >are going to be > rewored significantly, then I may as well wait. The system was substantially reworked. The DB schemas changed (currently, only MySQL schema is up to date), 'groups' were introduced - user can be assigned a role IN a group. Roles and such can have custom attributes - you can associate a Role with some permissions plus some real Java objects. The system itself was broken into multiple layers, so that implementation of management of users can be plugged independently from management of ACLs (you can have the users in LDAP, and ACLs in the database). It will be easy to write classes that would authenticate users against IMAP server, or NT domain controller (provided that the code that talks the protocol is available). It is also possible to write DB implementations of User/ACL management modules that don't use Peers, but Castor/Osage/EJB etc. instead. > 2. Have you any idea when you think the new security stuff will be submitted back to >CVS. > I know this can be quite difficult to know, considering this is open source. 'Soon' is the word :) The code is already written, and we are testing it as a part of our current project. I'm ready to check the code in, but Jon told me to take my time and test as much as possible before checking it into the trunk of Turbine. The rough estimation is the end of the next week, which is about the time that our current project will go online. Oh, I recalled one thing - currently the administration application is broken, as it relies on the Peers heavily. Reworking it using the new functionality should be really easy, but I assigned this task a low priority on my list. Something should be done about it before I merge the branch, because right now the admin application wouldn't even compile. I'd mostly appreciate if someone stepped up and helped me with this, as it will allow me to perform the merge sooner. Rafal -- Rafal Krzewski Senior Internet Developer mailto:[EMAIL PROTECTED] +48 22 8534830 http://e-point.pl ------------------------------------------------------------ To subscribe: [EMAIL PROTECTED] To unsubscribe: [EMAIL PROTECTED] Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/> Problems?: [EMAIL PROTECTED]
