I'm working on two new proposals (see below) for externalizing user and permissions management, which is something that I need and others have requested, for example Elliot of Lulu.com and James Snell of IBM. These proposals are not complete, but I'd like to get some feedback now before I go too far into design.
So, interested parties, please take a look and provide feedback. Does this meet our common requirements for externalized user profiles and permissions? What about the implementation? See any red flags for performance or scalability? - Dave Externalize User Management For ease of installation and management, Roller is able to manage it's own users without relying on any external system other than its RDBMS. We definitely don't want to lose that that easiness, but as Roller moves into enterprise scenarios where Directory Servers rule and social networking scenarios where user profile information is key, we need to make some changes. For Roller to be successful in large organizations and social networks, we need to make it easy to integrate Roller with existing user management systems. The way to do that is to externalize user management, or rather to make it externalizable. This proposal outlines a plan to make it easy to hook Roller up to an external user management system for user information, user profiles and user roles. The general approach is to define a UserRepostory API, provide a default implementation for Roller, and change UserManager to use that API. Developer could then provide alternative implementations of that API to plug in their own user management systems. Also, to allow more authentication options make it possible to configure Roller to use CMA instead of Acegi. Read the rest here: http://cwiki.apache.org/confluence/display/ROLLER/Proposal+Externalize+User+Management AKA http://tinyurl.com/352ttm Externalize User Permissions For ease of installation and management, Roller is able to manage it's own users permissions relying on any external system other than its RDBMS. We don't want to lose that ability, but we do want to make it possible to plug Roller into existing sites and applications that have their own permissions management systems. This proposal outlines a plan to make it easy to hook Roller up to an external user permissions system. The general approach is to define a User Permissions API, provide a default implementation for Roller, and change UserManager to use that API. Developer could then provide alternative implementations of that API to plug in their own user permissions systems. Read the rest here: http://cwiki.apache.org/confluence/display/ROLLER/Proposal+Externalize+User+Permissions AKA http://tinyurl.com/2rfpba
