OFBiz › OFBiz - Dev

[OFBiz] Dev - framework/application split security/party

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

3 messages Options

Adam Heath-2

Sep 06, 2005; 6:25pm

[OFBiz] Dev - framework/application split security/party

1963 posts

Components in framework shouldn't depend on anything in application, right?
So why does UserLogin@framework/security/entitydef/entitymodel.xml reference
Party@application/party/entitydef/entitymodel.xml(same for Person and
PartyGroup)?

_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev

David E. Jones

Sep 07, 2005; 6:27am

Re: [OFBiz] Dev - framework/application split security/party

1146 posts

Yes, in theory. No guarantees on that yet, it is just what we are
moving towards. When we do the framework separated release checking
on and fixing these will be part of the effort.

There is a plan to work around issues like this, namely the UserLogin
and Party relationship, but it hasn't been implemented yet.

I guess it comes back to time and money. I know people hate to hear
that, but there's just no escaping reality. Even if we had all the
time and money we needed, it still wouldn't happen because then we'd
have no motivation to actually do it... ;) A bit of a conundrum that...

-David

On Sep 6, 2005, at 11:25 AM, Adam Heath wrote:

> Components in framework shouldn't depend on anything in
> application, right?
> So why does UserLogin@framework/security/entitydef/entitymodel.xml
> reference
> Party@application/party/entitydef/entitymodel.xml(same for Person and
> PartyGroup)?
>
> _______________________________________________
> Dev mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/dev
>

_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev

Adrian Crum

Sep 07, 2005; 4:29pm

Re: [OFBiz] Dev - framework/application split security/party

2435 posts

If this work ever gets done, it would be nice to have security split out too -
so that userlogin security can be handled by a set of services outside of the
party manager application (permissions and such). This could then lead to custom
security implementations - such as the LDAP idea mentioned some time ago.

David E. Jones wrote:

>
> Yes, in theory. No guarantees on that yet, it is just what we are
> moving towards. When we do the framework separated release checking on
> and fixing these will be part of the effort.
>
> There is a plan to work around issues like this, namely the UserLogin
> and Party relationship, but it hasn't been implemented yet.
>
> I guess it comes back to time and money. I know people hate to hear
> that, but there's just no escaping reality. Even if we had all the time
> and money we needed, it still wouldn't happen because then we'd have no
> motivation to actually do it... ;) A bit of a conundrum that...
>
> -David
>
>
> On Sep 6, 2005, at 11:25 AM, Adam Heath wrote:
>
>> Components in framework shouldn't depend on anything in application,
>> right?
>> So why does UserLogin@framework/security/entitydef/entitymodel.xml
>> reference
>> Party@application/party/entitydef/entitymodel.xml(same for Person and
>> PartyGroup)?
>>
>> _______________________________________________
>> Dev mailing list
>> [hidden email]
>> http://lists.ofbiz.org/mailman/listinfo/dev
>>
>
>
> _______________________________________________
> Dev mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/dev
>

... [show rest of quote]

_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev