Hi Sergiu,
On Aug 24, 2008, at 10:51 PM, Sergiu Dumitriu wrote:
Vincent Massol wrote:
Hi,
Here's a proposal for implementing configuration in the new
architecture, using components.
Note: I think this is compatible with Sergiu's proposal here:
http://tinyurl.com/6md5jd
[snip]
Looks good. One thing I didn't see there is how to access the
configuration from wiki documents. Maybe have a configuration access
helper in the velocity context, which can lookup and return
configuration components? In this case, we should have some security
assertions on those components, maybe using an annotation.
Yes for me all components should be accessible from Velocity. I think
they should be put one by one and not the component manager. This will
prevent errors and only components we decide will be retrievable.
And yes we haven't solved the general question of authentication. I
think the best would be to use annotations on public methods with the
permission level required to call them or something similar. Not sure
yet about the details.
For configuration we need to ensure that properties are read only and
cannot be set. For example password fields or permission values
shouldn't be able to be modified by anyone.
Another thing that isn't quite clear is how to
avoid cyclic
dependencies, since configuration needs to access wiki documents,
which
in turn might need some already configured components. Maybe we'll
just
have to take care of this manually (I don't see any such dependencies
right now).
Yes, I have thought about this too but I don't have an answer right
now apart the fact that we control the ConfigurationSources used to
populate a java bean and that should offer us a little help in some
cases. We'll have to handle it as the problem happens.
Thanks
-Vincent