Ok, lets see what others think about it. Now, we already discussed this topic a little bit in [1]: Cocoon contains the auth-fw block which is a modular authentication framework which can be integrated in your app. It is based on the session-fw and for example it can be used out of the box in the portal. Both, session-fw and auth-fw were developed six years ago with the mindset that everything is XML - during the years, the way of developing web apps with Cocoon has changed and therefore there are better alternatives for these blocks, for example the template block and flow.
In addition I started a replacement for the auth-fw some time ago which I called CoWarp and which is hosted at sf right now. I had several reasons for starting this there and not here which are outlined in [1]. My main reason is the community aspect. I would like to have a community first, before moving the code here. Now, in fact neither the session-fw nor the auth-fw have a real community here, so perhaps this reason is a little bit obsolete in *this case*. As both, auth-fw and session-fw are really out dated and as cowarp is a better implementation of the auth-fw, I propose to: a) deprecate auth-fw and session-fw in 2.1.x b) remove auth-fw and session-fw in 2.2 c) add cowarp as an own block to 2.2 I know that we should deprecate in 2.1.x, leave things in 2.2 and remove them in 2.3 or 3.0; but in this case I think it's much better to remove them right away in 2.2 as people should really not use it. Carsten Ralph Goers wrote: > > Carsten Ziegeler wrote: >> Ralph Goers wrote: >> >>> In 2.2 why don't you put cowarp in as a block and remove the >>> authentication framework. Remember to deprecate it in 2.1. >>> >>> >> Hmm, yes, good question. I'm not against it, but as you say above this >> makes imho only sense if we remove the auth-fw in 2.2. And *if* we >> remove the auth-fw we should also remove session-fw which is really >> outdated. The template block and flow are much better alternatives. >> >> Carsten >> > I'm OK with that. I've always found the session-fw hard to use. So here > is my +1. > [1] http://marc.theaimsgroup.com/?t=112418318800004&r=1&w=2 -- Carsten Ziegeler - Open Source Group, S&N AG http://www.s-und-n.de http://www.osoco.org/weblogs/rael/