[OFBiz] Dev - framework/application split security/party

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[OFBiz] Dev - framework/application split security/party

Adam Heath-2
Components in framework shouldn't depend on anything in application, right?
So why does UserLogin@framework/security/entitydef/entitymodel.xml reference
Party@application/party/entitydef/entitymodel.xml(same for Person and
PartyGroup)?
 
_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [OFBiz] Dev - framework/application split security/party

David E. Jones

Yes, in theory. No guarantees on that yet, it is just what we are  
moving towards. When we do the framework separated release checking  
on and fixing these will be part of the effort.

There is a plan to work around issues like this, namely the UserLogin  
and Party relationship, but it hasn't been implemented yet.

I guess it comes back to time and money. I know people hate to hear  
that, but there's just no escaping reality. Even if we had all the  
time and money we needed, it still wouldn't happen because then we'd  
have no motivation to actually do it... ;) A bit of a conundrum that...

-David


On Sep 6, 2005, at 11:25 AM, Adam Heath wrote:

> Components in framework shouldn't depend on anything in  
> application, right?
> So why does UserLogin@framework/security/entitydef/entitymodel.xml  
> reference
> Party@application/party/entitydef/entitymodel.xml(same for Person and
> PartyGroup)?
>
> _______________________________________________
> Dev mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/dev
>

 
_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [OFBiz] Dev - framework/application split security/party

Adrian Crum
If this work ever gets done, it would be nice to have security split out too -
so that userlogin security can be handled by a set of services outside of the
party manager application (permissions and such). This could then lead to custom
security implementations - such as the LDAP idea mentioned some time ago.


David E. Jones wrote:

>
> Yes, in theory. No guarantees on that yet, it is just what we are  
> moving towards. When we do the framework separated release checking  on
> and fixing these will be part of the effort.
>
> There is a plan to work around issues like this, namely the UserLogin  
> and Party relationship, but it hasn't been implemented yet.
>
> I guess it comes back to time and money. I know people hate to hear  
> that, but there's just no escaping reality. Even if we had all the  time
> and money we needed, it still wouldn't happen because then we'd  have no
> motivation to actually do it... ;) A bit of a conundrum that...
>
> -David
>
>
> On Sep 6, 2005, at 11:25 AM, Adam Heath wrote:
>
>> Components in framework shouldn't depend on anything in  application,
>> right?
>> So why does UserLogin@framework/security/entitydef/entitymodel.xml  
>> reference
>> Party@application/party/entitydef/entitymodel.xml(same for Person and
>> PartyGroup)?
>>
>> _______________________________________________
>> Dev mailing list
>> [hidden email]
>> http://lists.ofbiz.org/mailman/listinfo/dev
>>
>
>
> _______________________________________________
> Dev mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/dev
>
 
_______________________________________________
Dev mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/dev