Mailing-List: contact dev-help@myfaces.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "MyFaces Development" <dev@myfaces.apache.org>
Received-SPF: pass (asf.osuosl.org: domain of cagatay.civici@gmail.com
 designates 64.233.162.206 as permitted sender)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=LAB5HejpA7QESz4lOv54kSm56ovQ9VOq5ZpUXLmbdw0O5a0lNvXYxtKNzM/yJaNr1CWulwCRF0SZ4gJWYbE6XDLFs7poc1IVo7ZvNQe1uFLiDR8UJV7SqxVsJ7tPeu1zELziKCW/rsKs4VjVl5S15jEiW6UierYtiB+VKvQG3YA=
Message-ID: <8c9d4eaa0608160803v3642d27dq86701fecbcf5cc07@mail.gmail.com>
Date: Wed, 16 Aug 2006 18:03:59 +0300
From: "Cagatay Civici" <cagatay.civici@gmail.com>
To: "MyFaces Development" <dev@myfaces.apache.org>
Subject: Re: s:secure
In-Reply-To: <8f985b960608160752l63e2ade1td2a884299cf33c8b@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_222408_8212667.1155740639333"
References: <4AB9FAC47CFEC14C9EE1C88AC96EF76A0600E0@SBYEXCP03.ibt.ibtco.com>
	 <5a99335f0608160718k71a3877l4726dfee864523b4@mail.gmail.com>
	 <8f985b960608160730n77009cc5re1ed1324aa97e231@mail.gmail.com>
	 <5a99335f0608160744p737c971ag1e566a4910386fb2@mail.gmail.com>
	 <8f985b960608160752l63e2ade1td2a884299cf33c8b@mail.gmail.com>

------=_Part_222408_8212667.1155740639333
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

>
> I think the real question is where to draw the line.    Should we
> really be maintaining a component that only works for a subset of the
> cases and only saves a few characters of typing?   I'd recommend that
> someone who strongly feels the need for such a component start using
> Facelets and implement s:secure as template that generates the
> panelGroup tag :-)


Typing less and reduced effort is what ROR guys are proud of nowadays:) I
still think using multiple panel groups looks like a hack and we should
consider not everyone is a facelets user.

One user may like using EL or another user may like s:secure. In the end the
whole idea is to provide out of the box features for security and reduce the
amount of work and time of myfaces users that they need to enable security.

Cagatay


On 8/16/06, Mike Kienenberger <mkienenb@gmail.com> wrote:
>
> On 8/16/06, Mario Ivankovits <mario@ops.co.at> wrote:
> > Having a simple secure tag will also reflect what the designer/developer
> > wanted to do - just secure some components.
>
>
> On 8/16/06, Martin Marinschek <martin.marinschek@gmail.com> wrote:
> > Then the only remaining issue is that with our suggestion, the
> > rendered-attribute might contain references to both security related
> > conditions _and_ other conditions - so a clear separation might not be
> > provided by this.
>
> Can be handled by multiple panelGroups if it's required.
>
>
> > An <s:secure/>-tag might be more explicit
>
> I think the real question is where to draw the line.    Should we
> really be maintaining a component that only works for a subset of the
> cases and only saves a few characters of typing?   I'd recommend that
> someone who strongly feels the need for such a component start using
> Facelets and implement s:secure as template that generates the
> panelGroup tag :-)
>
> Maintaining a "real" component is a lot of work under JSP and the
> benefits of this particular component are trivial in my opinion.
>
> <facelet-taglib>
>    <namespace>">http://www.mycompany.com/jsf</namespace>
>    <tag>
>    <tag-name>secure</tag-name>
>    <source>/WEB-INF/tags/secureComponent.xhtml</source>
>    </tag>
> </facelet-taglib>
>

------=_Part_222408_8212667.1155740639333
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">I think the real question is where to draw the line. &nbsp; &nbsp;Should we<br>really be maintaining a component that only works for a subset of the
<br>cases and only saves a few characters of typing? &nbsp; I'd recommend that<br>someone who strongly feels the need for such a component start using<br>Facelets and implement s:secure as template that generates the<br>panelGroup tag :-)
</blockquote><div><br>Typing less and reduced effort is what ROR guys are proud of nowadays:) I still think using multiple panel groups looks like a hack and we should consider not everyone is a facelets user.<br><br>One user may like using EL or another user may like s:secure. In the end the whole idea is to provide out of the box features for security and reduce the amount of work and time of myfaces users that they need to enable security.
<br><br>Cagatay<br>&nbsp;</div><br><div><span class="gmail_quote">On 8/16/06, <b class="gmail_sendername">Mike Kienenberger</b> &lt;<a href="mailto:mkienenb@gmail.com">mkienenb@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 8/16/06, Mario Ivankovits &lt;<a href="mailto:mario@ops.co.at">mario@ops.co.at</a>&gt; wrote:<br>&gt; Having a simple secure tag will also reflect what the designer/developer<br>&gt; wanted to do - just secure some components.
<br><br><br>On 8/16/06, Martin Marinschek &lt;<a href="mailto:martin.marinschek@gmail.com">martin.marinschek@gmail.com</a>&gt; wrote:<br>&gt; Then the only remaining issue is that with our suggestion, the<br>&gt; rendered-attribute might contain references to both security related
<br>&gt; conditions _and_ other conditions - so a clear separation might not be<br>&gt; provided by this.<br><br>Can be handled by multiple panelGroups if it's required.<br><br><br>&gt; An &lt;s:secure/&gt;-tag might be more explicit
<br><br>I think the real question is where to draw the line.&nbsp;&nbsp;&nbsp;&nbsp;Should we<br>really be maintaining a component that only works for a subset of the<br>cases and only saves a few characters of typing?&nbsp;&nbsp; I'd recommend that<br>
someone who strongly feels the need for such a component start using<br>Facelets and implement s:secure as template that generates the<br>panelGroup tag :-)<br><br>Maintaining a &quot;real&quot; component is a lot of work under JSP and the
<br>benefits of this particular component are trivial in my opinion.<br><br>&lt;facelet-taglib&gt;<br>&nbsp;&nbsp; &lt;namespace&gt;&quot;&gt;<a href="http://www.mycompany.com/jsf">http://www.mycompany.com/jsf</a>&lt;/namespace&gt;
<br>&nbsp;&nbsp; &lt;tag&gt;<br>&nbsp;&nbsp; &lt;tag-name&gt;secure&lt;/tag-name&gt;<br>&nbsp;&nbsp; &lt;source&gt;/WEB-INF/tags/secureComponent.xhtml&lt;/source&gt;<br>&nbsp;&nbsp; &lt;/tag&gt;<br>&lt;/facelet-taglib&gt;<br></blockquote></div><br>

------=_Part_222408_8212667.1155740639333--