Registration and profile editing are both usually application-specific. I *would* like to have a login built into Webware (WebKit, actually),That's consistent with our experience with our own "UserAccountKit"
and password management would be easy enough too.
I can't agree with that. Only a portion of our Webware applications require security; most of the servlets we run are for publicly available sites, and security just isn't necessary. It should definitely be optional.Then we add some stuff to WebKit -- I think it should be added directly to Page -- to set up a good login system, as well as some hooks for permission. I'd say we should do this by putting in more support for exceptions, and catching HTTPAuthorizationRequired and HTTPForbidden, and turning these into login screens or permission denied screens.
I don't think it should be part of a separate SecurePage class, because
everyone adds this functionality to their application eventually.
Sure, you could turn it off by setting a method like thisPageNeedsSecurity() but that doesn't seem like the traditional way.
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
