Same reason why I don't like Acegi. Declarative security doesn't fit well with component oriented frameworks. What I like about having permissions and rolls that agregate permissions is that it lets you check security in all the layers. Your dao's can check permissions and your services/gui can check roles.
-Igor > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Phil Kulak > Sent: Tuesday, August 09, 2005 9:19 PM > To: [email protected] > Subject: Re: [Wicket-user] a little OT... > > You know, when I think about it, you can have a polymorphic > users domain that is also assigned roles, so that's not a > problem for Acegi. > My latest blog entry talks about the problem jroller.com/page/pkulak > > I just think that Acegi is very complex. That may be fine is > you have very complex permissions requirements to match, but > I just don't need declatative security. I'd rather just write > a couple lines in Wicket's > checkAccess() method, or whatever it's called. > > On 8/9/05, Igor Vaynberg <[EMAIL PROTECTED]> wrote: > > I always liked systems where the lowest level is a permission (read > > this, write that, etc), then roles consist of sets of > permissions, and > > the user has a set of roles. > > > > Just my 2 cents. > > > > -Igor > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & > EXPO September 19-22, 2005 * San Francisco, CA * Development > Lifecycle Practices Agile & Plan-Driven Development * > Managing Projects & Teams * Testing & QA Security * Process > Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Wicket-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/wicket-user > > > ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Wicket-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/wicket-user
