ofbiz-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Heath <doo...@brainfood.com>
Subject Re: Moving securityext to the framework
Date Sat, 02 Jan 2010 20:55:13 GMT
Ean Schuessler wrote:
> Adrian Crum wrote:
>> I don't agree that emailing forgotten passwords is like the Webtools
>> application. As you have discovered, emailing forgotten passwords
>> entails some decision making, looking up information in various
>> entities, selecting and rendering an email body template, etc. From my
>> perspective, all of those things are outside the scope of the framework.
> I agree. It is easy to imagine that some applications would not allow a
> password to be reset via email. It might be that the application uses
> biometrics, cryptographic signatures or who knows what. The framework
> authentication stubs should accommodate a diversity of approaches.
> One major question is whether framework, on its own, should even be
> runnable as an application. In my opinion, it is a library, not an app
> and doesn't need to be operational on its own.

What is your definition of operational?  A servlet container that is
listing for requests on 8009, 8080?  Ready to process rmi requests?

Is framework a *pure* library, where the application that runs on top
of it is responsible for starting any long-term, background services,
or should framework be the application wrapper?

View raw message