On Dec 6, 2007 12:17 PM, Ted Husted <[EMAIL PROTECTED]> wrote: > Although I have no clue what SPI means, I do see the web page mentions > Struts by name, and says that it can be added to applications > transparently.
SPI is Service Provider Interface. The Framework would be built around an interface, and then Struts would be configured to use an SPI implementation. The JDK has many SPI packages. > The vast majority of web applications run inside a firewall and are > used by a handful of trusted employees. There are many cases where > Klingon-grade security may not always trump day-to-day performance. LOL > On the Struts 1 security front, there are also projects like the > Struts SSL Extension which could be subsumed into the core. I am not strongly in favor of belonging to the core. I think the feature should be optional, but I wouldn't also object if it was put of the core with the option to turn on/off. The developers of HDIV said their programming model would be extremely simplified if they could have an SPI that targets both versions of Struts. I agree and I think it also opens the door to other people doing other kinds of implementations. Paul
