turbine-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Courcoux <pe...@courcoux.biz>
Subject Re: Turbine and Hibernate again
Date Wed, 14 Jan 2004 22:35:46 GMT
On Wed, 2004-01-14 at 21:14, Gerry Duprey wrote:
> Howdy,
> I was following the discussion last month about integrating Turbine and 
> Hibernate.  One of the last comments on the subject was a pointer to the 
> Hibernate HowTo in the Turbine How To pages.
> I've looked it over and for the most part it's pretty simple/understandable. 
> However, I do not quite understand what the need for the hibernate-avalon jar 
> is.  What does that supply?  From the rest of the code examples and 
> discussion, it would appear that I could integrate hibernate (as done in these 
> examples) without it.

Turbine has always had a framework for providing a range of services to
web applications. The earlier services framework was based on
jakarta-turbine-stratum. More recently, a lot of work has been done on
service frameworks and one such project is apache Avalon. This framework
was chosen to replace the stratum framework in turbine. The
hibernate-avalon jar provides an api and implementation which makes
hibernate available as a service following the avalon framework
conventions. Hibernate could, of course, be integrated into turbine
without it but IMHO this would be a backward step. 

If you are interested in why, go to the avalon.apache.org pages and look
for information on 'Separation of Concerns' (SOC) and 'Inversion of
Control' (IOC).

> Most critical to me though is replacing Turbines reliance on Torque for the 
> user security functions.  There was some discussion about having created a 
> replacement security system for Turbinbe/Hibernate, but I'm not sure what 
> steps to take to do this.  What code, what config items, etc, etc.

There are a number of implementations of a security service in the
jakarta-turbine-fulcrum packages. I'm not sure how good the
documentation is but the code is there. 

> Finally, other than being redundant, is there anything we would loose, 
> functionality wise, in Turbine if we just didn't use any of the security stuff 
> and used our own method?  Ideally, I think reusing code would be best if we 
> can make it fit, but I'd like to explore the options available to us.
I believe that the roadmap for turbine includes the breaking out of some
of the highly coupled code which still exists into individual components
which can lead to more flexibility in implementation. Following that,
there has been talk of implementing some sort of pipeline or filterchain
of components such as security, action loader, page loader etc. ,
allowing these to be switched in and out quickly and easily.

> Any help here would be appreciated - even if it's just pointers.  We've gotten 
> through the testing stage and are very happy with Turbine.  Now we need to 
> move on to real development and this is about all that is holding us up right now.

In most of the applications that I have written with turbine, I have
written my own security service. A look at the TemplateSessionValidator,
TurbineAccessControlList, VelocitySecureScreen and VelocitySecureAction
classes will start to point you in the right direction.

> Thanks in advance,

> Gerry

I hope that this helps. 


Peter Courcoux <peter@courcoux.biz>

To unsubscribe, e-mail: turbine-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-user-help@jakarta.apache.org

View raw message