You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by Eric Pugh <ep...@upstate.com> on 2003/12/05 18:52:03 UTC

RE: hibernate security service...

You could very easily roll one..   A lot of my thinking on the Security
Service came out of working and writing unit tests for OSWorkflow.
OSWorkflow faces a similar challenge, how to provide multiple
implementations for persisting data.  There are
jdbc,ojb,hibernate,memory,filestore,ofbiz, ejb etc implementations.

The problem with the JDBC is that yes, while it is simpler to start with,
and reduces jar numbers, etc, eventually someone comes up with problems with
getting a jdbc transaction to participate in a larger transaction.  Or they
want caching.  That is where using the Hibernate (or other ORM)
implementation starts to payoff.

I have been refactoring madly the security code based on seeing some best
practices for writing merlin components.  The current code base that I am
going to give one last review to is composed of multiple projects that helps
deliniate which dependencies are required.  Currently they are:
/api   			What the application sees.
/spi	 			Helper classes that implementations can leverage.  Not yet a "true"
SPI, but getting there.
/mememory 			A memroy based implementation that gets you started quickly.
Useful in unit testing or doing examples..
/hibernate			A hibernate based implementation.  The unit tests currently
interact with a McKOI in memory database!
/nt				An NT based implementation.  Looks user and group information up from
NT.  Note: you do need a username and password, it doesn't use
				anything like NTLM yet.
/adapters/turbine 	An adapter for fooling Turbine 2.3 based security into
delegating to the fulcrum security code.
/adapters/opensymphony  An adapter that lets OSUser delegate calls for
authentication to Fulcrum security.

At this time I removed the Torque based code.  It was completely un
unittested, barely compiled, and not used.  If there is a demand for it,
then we can add it back in as another project /torque.  Additionally, if
someone would like to provide a jdbc implementation, that would be great.
Look at the OSUser jdbc implementation for ideas.

Additionally, in terms of models I have working are:

Dynamic 			Users in groups with roles and permissions
Basic				Users in groups
Turbine			Extends Dynamic, adding extra functionality like isAnonymousUser
and getGlobalGroup.  Otherwise the same as Dynamic.

Humberto, since you had the best explanation of the Turbine security model,
once I get the code checked in, I would appreciate it if you could review
how it works for me.

Sincerely,
Eric Pugh

> -----Original Message-----
> From: Humberto Hernandez Torres [mailto:hhernandez@itweb.com.mx]
> Sent: Wednesday, November 26, 2003 6:43 PM
> To: Turbine Users List
> Subject: RE: hibernate security service...
>
>
> I am of the idea, that we should have a generic JDBC Security
> Service that
> runs directly on top of JDBC and is independent of Torque or
> Hibernate. It
> just seems simpler.
> --
>   Humberto
>
> > -----Original Message-----
> > From: Eric Pugh [mailto:epugh@upstate.com]
> > Sent: Tuesday, November 25, 2003 1:02 PM
> > To: 'Turbine Users List'
> > Subject: RE: hibernate security service...
> >
> >
> > Gerardo,
> >
> > there is a bunch coming..  While the current hibernate
> > service works well, I
> > am in the process of refactoring the project to have:
> >
> > /api
> > /hibernate
> > /memory
> > /adapters
> > 	/turbine
> > 	/opensymphony
> >
> > so that you don't get a big bunch of extra stuff.  I am also
> > adding a new
> > model in called "groups" that basically allows you to put
> > users in multiple
> > groups, and groups in multiple groups.  But no "roles" or
> > "permissions".  I
> > will have a hibernate and memory implmentations of that.
> > Look for it in
> > about two weeks, as I am traveling a bunch..
> > Eric
> >
> > > -----Original Message-----
> > > From: Gerardo Segura [mailto:gsegura@lania.mx]
> > > Sent: Monday, November 24, 2003 6:11 PM
> > > To: turbine-user@jakarta.apache.org
> > > Subject: hibernate security service...
> > >
> > >
> > > Hi
> > > is there any security service based on hibernate?
> > > Or any docs besides the 'Hibernate OM Howto' about
> turbine-hibernate
> > > stuff? <../howto/hibernate-howto.html>
> > >
> > > Gerardo
> > >
> > >
> > >
> >
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail:
> turbine-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail:
> > turbine-user-help@jakarta.apache.org
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: turbine-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> turbine-user-help@jakarta.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: turbine-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: turbine-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-user-help@jakarta.apache.org