Ian Bicking [mailto:[EMAIL PROTECTED] wrote: > On Sat, 2003-03-01 at 11:59, Matt Feifarek wrote: > > >I don't think it should be part of a separate SecurePage > > > class, because > > >everyone adds this functionality to their application eventually. > > > > > I can't agree with that. Only a portion of our Webware applications > > require security; most of the servlets we run are for > > publicly available > > sites, and security just isn't necessary. It should > > definitely be optional. > > Certainly the security should be optional, but I don't see any reason > why the hooks have to be in a separate class. I'd either expect there > to be a method (like .secure()) that would tell if the page should > require a login, but probably better would be if you raise a > particular > exception at any point you'll get a login. > > There wouldn't be any overhead if you didn't use it, but it would be > there when you needed it. It also doesn't force you to make a page > public or not public -- a page could be public sometimes and private > others. The SecurePage style doesn't allow that, and I don't > really see > any benefits to SecurePage (besides simplifying Page, but I > don't think > that's a big deal).
I do believe we should keep Page and SecurePage separate. It'll make the framework easier to learn because you can just start with Page without worrying about the security. And some people may never need to learn SecurePage. Also, users may want to implement their own custom security framework derived from Page -- but if there is already security implemented in Page that may be difficult. And I don't buy your argument about a page being public sometimes and private sometimes, because we can just implement that capability into SecurePage. I think we should come up with a new name for the new SecurePage that better describes what it does (something like AuthenticatedPage except that's a bit hard to type) and also will distinguish it from the old example SecurePage, which was never anything more than an example. - Geoff - Geoff ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
