OK, I need ACLs and versioning so I guess WCK isn't for me. The one thing I want to avoid in my system is duplicating security information for a user. This would be the username, password, and the user's roles. We already manage user/passwords/roles in our system, and would like Slide to use our user repository instead of its own. As I look through Slide source code, it is beginning to appear that Slide is really wired to look into its own Store for security information. This leaves me with three choices: 1. Reimplement the Security interface to use my user resository. Very big task there. 2. Create my own Store implementation that wraps Slide's security store so that user/password/user role information is pulled from my user repository while ACLs and all other information is passed through to Slide's security store. Not sure how hard this is... but at first glance it doesn't look straightforward. 3. Have our security system duplicate user information in Slide and keep the two separate systems in sync.
None of these options seem very palatable to me. Am I missing something? Does Slide really not provide an easy way for me to supply it with the currently authenticated user AND his/her roles? To me, the ideal solution would be to hand Slide a preauthenticated token of some sort that says, "I've already authenticated this guy and vouch for him - oh, and btw, these are the roles he is granted." Any information or help in this area is greatly appreciated! Thanks, Andy --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
