Dear list - specifically all those having successful access control
implementations,
I'd like to poll you for how you did it. Not so much the action of
authentication, but more so how access is monitored and restricted. This
is a well-known problem in general, but I've yet to see a satisfactory
and pluggable implementation. First, the basic details:
A user can have one or more roles, and roles determine what that user
can and can't do/see/access. As I said, this is a well-known problem and
there's even an existing library for the task: tapestry-acegi.
The good thing about tapestry-acegi is its 2 simple components. The make
perfect sense and make integration feel smooth and water-tight (ie, not
leaky). The bad things are:
1) The documentation is basically non-existent and I have no idea how to
get it set up. Using the components is a no brainer - its the
infrastructure that loses me.
2) It requires foreknowledge of acegi. Ok, so I checked out those docs,
which led me to:
3) Acegi docs explicitly state that knowledge of spring is required, so
you must first know (or learn) that.
That's where I draw the line. If you've read many posts from me, you may
know that while I've been developing in Java for about 6 years I've
specifically avoided using it for web because I've never felt it "had it
together." Yes its capable, but its been overly complex and fragmented.
Yes there are open source options but none of them, including struts and
spring, have been enough to convince me that investing my time in
learning them was worth it. This changed when I started toying with
tapestry and its perspective of development (so this probably includes
wicket, web objects, and prado).
I'm not bashing tapestry-acegi by any means. In fact I commend, thank,
and cite in code the project as I used the idea of the IfLoggedIn
component. It's both simple and elegant - but it requires knowledge that
I don't have am not convinced is worth my having.
So... what are any of you other ambitious T5ers using for this? Packaged
tools? Home grown? I'm home growing one at the moment (specific to a
project) and would love to share, but I want to know what anyone else is
doing to solve this classic problem.
sincerely,
chris
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]