FWIW (having no experience w/ Lockdown), my take on authorization is that it's usually core application behaviour, such that the best approach is to write your own "as simple as it can be, but no simpler" implementation using common conventions.
I usually use restful_authentication as a base and customize / add authorization on top of it, which means most libraries you might want to add later will find something they can hook into. Hassox's Warden might also provide a nice starting point. Whatever the base, I'd stick with something simple and widely used. Interesting to see Phan's experience with Authlogic ... YMMV cheers, DL -- You received this message because you are subscribed to the Google Groups "Ruby or Rails Oceania" group. To post to this group, send email to rails-ocea...@googlegroups.com. To unsubscribe from this group, send email to rails-oceania+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rails-oceania?hl=en.