I like that the security aspect of T5 is open for me to implement. Choices for this kind of thing is good. Imagine you are mandated to use some other existing framework. Code reuse is good. Do we really want to find people to write a Netegrity Siteminder plugin for a custom security framework?
I think they are still planning on renaming Acegi to "Spring Security", which may further muddy the waters. I don't use Tapestry-Acegi, so the T5 page/components don't know anything about security or roles, and for me that's just fine. My pages just look inside an ASO that the Acegi filter creates when a login goes well. You satisfaction may vary depending on the number of roles, etc. I think the distinction to make is providing smart defaults in the framework versus providing homebrew functionality that is duplicated elsewhere. I don't have experience with other OSS security frameworks, but if there is a common denominator, we should cater to (provide for) that. It's easier to join hands with other frameworks (provide adapters, which update when either side changes) than to put one in your belly. I think the T5 community is much more adept to writing adapters than writing a whole security framework. Daniel Jue > > > > But mostly I love the premises. In a "real web framework" security is > > "built in" and no configuration is even necessary. Bullcrap. Every > > security system needs configuration, because no system can anticipate > > all possible needs and use-cases and auto-configure for that magically > > discovered state. And why should T5 re-build what someone already wrote > > and tested. If acegi works, then why not integrate it? Ooh, wait! I > > know, I know! HLS sucks because he didn't create his own O/R Mapping > > layer! 'Cause why use Cayenne/Hibernate/JPA/TopLink when you can, > > without compelling necessity, write your own, untested system from scratch! > > > > Meh. > > > > Christian. > > > > On 18-Mar-08, at 23:51 , Joshua Jackson wrote: > > > >> I agree. I have requested this before for Tapestry to be a full web > >> framework since right now it's just only a plain web framework. > >> > >> On 3/19/08, yuan gogo <[EMAIL PROTECTED]> wrote: > >>> Tapestry is good. > >>> But I personally think it's lack of something that should be built-in. > >>> e.gsecurity! > >>> > >>> It's right that tapestry can work well with acegisecurity, but it's not > >>> native, is it? > >>> And we programmer need time to write the configuration, debug > >>> ........ it's > >>> boring! > >>> > >>> Even there has been tapestry-acegi, but 2 projects can not be always be > >>> synchronous. What's more, tapestry-acegi can not do all that acegi does. > >>> > >>> I was asp.net user once, even I think it's not so good, but it's good > >>> for > >>> "rapid" development, because some functions like security is built-in. > >>> > >>> thanks. > >>> > >> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
