--- On Fri, 5/1/09, Scott Gray <scott.g...@hotwaxmedia.com> wrote:
> Some of these questions in the discussions so far give me
> the feeling that the write up Andrew put in confluence
> hasn't been read, is that the case?
>
> Anyway I'm a +1 for the new auth framework, I think it
> give us more power AND simplicity. Will it need improvement
> over time? of course it will but I think it's a much
> better base to work from.
I don't know if you were around at the time, but I was. One of the "weaknesses"
Andrew is trying to fix with this latest effort is the permissions services -
another design he introduced a couple years ago. Everyone went along with it
and re-wrote code to use service permissions. (I spent several weekends just
converting the accounting component over to the new security implementation).
Now we're being told "Oops, that design is limited, let me try again."
Why would anyone have any objection to opening this up to the community before
we start writing code? Maybe there are others who see weaknesses in the new
design. Give them a chance to offer input.
-Adrian
