On 2/05/2009, at 12:38 PM, Adrian Crum wrote:
--- On Fri, 5/1/09, Scott Gray <scott.g...@hotwaxmedia.com> wrote:Some of these questions in the discussions so far give me the feeling that the write up Andrew put in confluence hasn't been read, is that the case? Anyway I'm a +1 for the new auth framework, I think it give us more power AND simplicity. Will it need improvement over time? of course it will but I think it's a much better base to work from.I don't know if you were around at the time, but I was. One of the "weaknesses" Andrew is trying to fix with this latest effort is the permissions services - another design he introduced a couple years ago. Everyone went along with it and re-wrote code to use service permissions. (I spent several weekends just converting the accounting component over to the new security implementation). Now we're being told "Oops, that design is limited, let me try again."
I don't really think that is relevant, permission services were an improvement to the existing security framework, designing a new framework doesn't invalidate an improvement to the old one.
Why would anyone have any objection to opening this up to the community before we start writing code? Maybe there are others who see weaknesses in the new design. Give them a chance to offer input.
The point is that it was opened up to the community before any code was written, all that needed to happen to delay coding was for someone to say that they needed time. Collaboration is a two way street and it shouldn't be up to the proposer to check to see if you're considering making a comment at some point you should just say so.
Regards Scott
smime.p7s
Description: S/MIME cryptographic signature
