continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brett Porter <br...@apache.org>
Subject Re: Continuum Security design
Date Wed, 19 Jul 2006 04:04:55 GMT
I've added my comments.

I don't think we need domain ACLs - it's an interesting concept but it 
also worries me a little to have security as an afterthought - it's 
intrinsic to the design of the code in some ways (surely if you only 
want to give one person access to a subset of the data you also want to 
avoid going ahead and retrieving the data in the first place). Perhaps I 
misunderstand it's intent.

So, where are we at with this? I don't think its healthy to keep a 
branch for too long on something so fundamental as it'll become hard to 
merge back in, but is Acegi proving to be both non-intrusive and capable 
of doing what we need? What state is it in?

- Brett

On 11/07/2006 8:41 AM, Carlos Sanchez wrote:
> http://docs.codehaus.org/display/CONTINUUM/Security
> 
> Please take a look and provide feedback on the semantics of what to
> secure and to what level.
> 


-- 
Apache Maven - http://maven.apache.org/
Better Builds with Maven - http://library.mergere.com/

Mime
View raw message