You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by "Weaver, Scott" <Sw...@rippe.com> on 2002/05/07 22:44:13 UTC
Start Turbine Security Proposal Back Up (was Semi-Newbie. Is ne
wapp push or pull?)
> I wouldn't mind seeing the security thing again.. I followed
> the security
> threads.. But it seemed like there where so many opinions
> that nothing ever
> was decided.. My biggest roadblock in moving to T2.2 and
> fully using users
> and security is that it seems that the Turbine user and
> security stuff is so
> inflexible that it is causing all sorts of problems tieing in
> the Torque
> objects..
Amen, I spent a day trying to convert my t2.2 pre-torque/fulcrum decoupling
application to the decoupled version. I ended up scrapping everything and
restoring my original app due to the incompatibilites between fulcrum's
Security and RunData and the same Torque issues you mentioned.
> I would love to see contrib as well, I have a mostly function NT Auth
> service that I would like to add.. I never published it because of
> Turbine's really funky requirements on users, I just ended up
> working around
> Turbine (not the right way, I know!).
If some of the original people who started security proposal would be able
start it up again, I'd be willing to lend a hand. And I'm sure your
experience with NT domain auth stuff would be greatly appreciated also.
Scott
> -----Original Message-----
> From: Eric Pugh [mailto:epugh@upstate.com]
> Sent: Tuesday, May 07, 2002 4:26 PM
> To: 'Turbine Users List'
> Subject: RE: Semi-Newbie. Is newapp push or pull?
>
>
> I wouldn't mind seeing the security thing again.. I followed
> the security
> threads.. But it seemed like there where so many opinions
> that nothing ever
> was decided.. My biggest roadblock in moving to T2.2 and
> fully using users
> and security is that it seems that the Turbine user and
> security stuff is so
> inflexible that it is causing all sorts of problems tieing in
> the Torque
> objects..
>
> I wouldn't mind seeing the security stuff moved forward, and
> I don't really
> care about the details, I just want it more flexible! Any
> new security
> system has to be better then the existing one!
>
> I would love to see contrib as well, I have a mostly function NT Auth
> service that I would like to add.. I never published it because of
> Turbine's really funky requirements on users, I just ended up
> working around
> Turbine (not the right way, I know!).
>
> Eric
>
> -----Original Message-----
> From: Weaver, Scott [mailto:Sweaver@rippe.com]
> Sent: Tuesday, May 07, 2002 3:45 PM
> To: 'Turbine Users List'
> Subject: RE: Semi-Newbie. Is newapp push or pull?
>
>
> > -----Original Message-----
> > From: Eric Pugh [mailto:epugh@upstate.com]
> > Sent: Tuesday, May 07, 2002 2:29 PM
> > To: 'Turbine Users List'
> > Subject: RE: Semi-Newbie. Is newapp push or pull?
>
> > that is very cool..
>
> thanks :)
>
>
> > I remember a long time ago someone
> > talked about a FAQ..
>
> So do I. Haven't heard much lately, though.
>
> > doesn't jakarta have a faqomatic (jive?) setup that any
> > jakarta project
> > could use?
>
> I think Jyve is dead.
>
> > Also, I wish there was a contrib directory or something where
> > great patterns
> > like what you are doing could be.. Reading mailing list
> > archives will get
> > you there eventually, but synthesing the info would be even better.
>
> The security system I've developed was supposed to be part of the
> proposal
> for the next generation of turbine's security implementation.
> However,
> it
> seems that the progress on that has pretty much halted. I posted the
> entire
> system a couple of weeks ago to turbine-user, due to requests
> for it. I
> have heard nothing, though.
>
> As for a contrib area, I've heard talk about that becoming a real
> possibilty
> in the near future.
>
> p.s.
>
> I you or anyone else is interested in the SecurityContext
> system, let me
> know an I will post it (again). If enough people show interest we may
> be
> able to get the ball rolling again on the new turbine
> security proposal.
>
> Regards,
> Scott
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
RE: Start Turbine Security Proposal Back Up (was Semi-Newbie. Is newapp push or pull?)
Posted by David Wynter <da...@btclick.com>.
Hi Scott,
I had a look at your security support but did not use it in the end. It was
more powerful (i.e. by the time I got it I had worked out my scheme ) than I
needed and I implemented a much simpler scheme based around screens and
templates in a directory directly related to role and the following
properties in my properties file.
# -------------------------------------------------------------------
#
# The roles of the users of rwTransformer are shown here
# These are as found in the Turbine_Role table
# They are used to select the layout used
# The roles.directory values must follow the same ordering of roles
# property values
# The values represent the directories under which actions and
# screens the different roles are allowed access to.
# -------------------------------------------------------------------
roles=Administrator, Message User
role.directory=Admin, MsgUser
# -------------------------------------------------------------------
#
# The layouts used for the different user roles
# Property values must be in the same order as the roles above
# -------------------------------------------------------------------
role.layout=/Admin/Default.vm, /MsgUser/Default.vm
If my application had a more complex set of users with overlapping roles and
screens to access I would use your scheme.
regards
David
-----Original Message-----
From: Weaver, Scott [mailto:Sweaver@rippe.com]
Sent: 07 May 2002 21:44
To: 'Turbine Users List'
Subject: Start Turbine Security Proposal Back Up (was Semi-Newbie. Is
newapp push or pull?)
> I wouldn't mind seeing the security thing again.. I followed
> the security
> threads.. But it seemed like there where so many opinions
> that nothing ever
> was decided.. My biggest roadblock in moving to T2.2 and
> fully using users
> and security is that it seems that the Turbine user and
> security stuff is so
> inflexible that it is causing all sorts of problems tieing in
> the Torque
> objects..
Amen, I spent a day trying to convert my t2.2 pre-torque/fulcrum decoupling
application to the decoupled version. I ended up scrapping everything and
restoring my original app due to the incompatibilites between fulcrum's
Security and RunData and the same Torque issues you mentioned.
> I would love to see contrib as well, I have a mostly function NT Auth
> service that I would like to add.. I never published it because of
> Turbine's really funky requirements on users, I just ended up
> working around
> Turbine (not the right way, I know!).
If some of the original people who started security proposal would be able
start it up again, I'd be willing to lend a hand. And I'm sure your
experience with NT domain auth stuff would be greatly appreciated also.
Scott
> -----Original Message-----
> From: Eric Pugh [mailto:epugh@upstate.com]
> Sent: Tuesday, May 07, 2002 4:26 PM
> To: 'Turbine Users List'
> Subject: RE: Semi-Newbie. Is newapp push or pull?
>
>
> I wouldn't mind seeing the security thing again.. I followed
> the security
> threads.. But it seemed like there where so many opinions
> that nothing ever
> was decided.. My biggest roadblock in moving to T2.2 and
> fully using users
> and security is that it seems that the Turbine user and
> security stuff is so
> inflexible that it is causing all sorts of problems tieing in
> the Torque
> objects..
>
> I wouldn't mind seeing the security stuff moved forward, and
> I don't really
> care about the details, I just want it more flexible! Any
> new security
> system has to be better then the existing one!
>
> I would love to see contrib as well, I have a mostly function NT Auth
> service that I would like to add.. I never published it because of
> Turbine's really funky requirements on users, I just ended up
> working around
> Turbine (not the right way, I know!).
>
> Eric
>
> -----Original Message-----
> From: Weaver, Scott [mailto:Sweaver@rippe.com]
> Sent: Tuesday, May 07, 2002 3:45 PM
> To: 'Turbine Users List'
> Subject: RE: Semi-Newbie. Is newapp push or pull?
>
>
> > -----Original Message-----
> > From: Eric Pugh [mailto:epugh@upstate.com]
> > Sent: Tuesday, May 07, 2002 2:29 PM
> > To: 'Turbine Users List'
> > Subject: RE: Semi-Newbie. Is newapp push or pull?
>
> > that is very cool..
>
> thanks :)
>
>
> > I remember a long time ago someone
> > talked about a FAQ..
>
> So do I. Haven't heard much lately, though.
>
> > doesn't jakarta have a faqomatic (jive?) setup that any
> > jakarta project
> > could use?
>
> I think Jyve is dead.
>
> > Also, I wish there was a contrib directory or something where
> > great patterns
> > like what you are doing could be.. Reading mailing list
> > archives will get
> > you there eventually, but synthesing the info would be even better.
>
> The security system I've developed was supposed to be part of the
> proposal
> for the next generation of turbine's security implementation.
> However,
> it
> seems that the progress on that has pretty much halted. I posted the
> entire
> system a couple of weeks ago to turbine-user, due to requests
> for it. I
> have heard nothing, though.
>
> As for a contrib area, I've heard talk about that becoming a real
> possibilty
> in the near future.
>
> p.s.
>
> I you or anyone else is interested in the SecurityContext
> system, let me
> know an I will post it (again). If enough people show interest we may
> be
> able to get the ball rolling again on the new turbine
> security proposal.
>
> Regards,
> Scott
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>