cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ugo Cei <>
Subject Re: Linotype
Date Sat, 27 Mar 2004 19:47:49 GMT
Torsten Curdt wrote:
> In general I agree but it makes the deployment more
> complicated because the authentication differs from
> container to container.

The container-specific part of the configuration varies, but it's 
usually not that complicated. And everyone who has ever deployed a J2EE 
webapp should know it well.

Anyway, the current implementation of authentication in Linotype is a 
toy, so you'd have to rewrite it for a realistic deployment, and whoever 
wants to deploy Linotype using a different user repository, LDAP for 
example, or support single sign-on, would have to rewrite it once again.

J2EE has a standardized, declaratively specified, authentication 
mechanism for web apps, that is good enough for Linotype and most apps. 
Why reinvent it?

> We would need to maintain examples for the different
> containers... The login page might also need to
> be different per container.

We can easily provide a configuration for Jetty, since that's what we 
distribute for running the examples (I already did and will commit it 
soon). Adding another one for Tomcat wouldn't be a problem at all.

I am talking specifically about a file-based user realm, no JDBC so 
there would be no dependencies.

WRT the login page, I routinely use the same page for Jetty and Tomcat, 
so I suppose it's standard. But you can always use BASIC authentication 
and do without a login page.

> But wouldn't this limit us to the particular "features"/stuctur of that
> markup. (Well, except using a different namespace) And what is the
> benefit? We could save a transformation.

Atom (and I think also RSS 2.0) can be extended with elements from other 
namespaces, indeed. And we could also ask for changes to the Atom spec, 
since it's still in draft stage. Anyway, what do you suggest that we use 
as an alternative?


View raw message