Jsecurity account management and GORM question

Jsecurity account management and GORM question

by Callaway, Pamela

Hi folks,

Is there a default behavior for account creation and user management with Jsecurity?  I started to flesh out this function and I realized it was getting a bit complicated.

Also, is there some way to specify the name of the table used for a one-to-many mapping, using the static mapping closure?

Thanks,

Pam


Re: Jsecurity account management and GORM question

by lhazlewood

Hi Pam,

JSecurity as a framework (not necessarily the Grails plugin)
explicitly stays away from this.  To create automated support for
User/Role/Permission management, which are part of your domain model,
would require the framework to know about your domain model.  Domain
models change dramatically across organizations and applications, so
there might not be an easy way to solve this.

For example, it is easy to think of adding and creating users, which
implies a User class.  But does that User class extend a Person class?
 Maybe the Person class has a collection of postal addresses and phone
numbers for address book management.  Maybe the application uses
Roles, but maybe also Groups.  Maybe Roles reference permissions for
fine-grained control, but maybe the application doesn't need
permissions at all.  Maybe the User class has a change history
requirement so reports can be run on what the users did and when....
I think you get my point.

In order to have good User management capabilities, you have to assume
quite a bit about a domain model, which is incredibly difficult to do
in an application-agnostic manner.

Perhaps if you can describe exactly what you're looking for then we
can make some adjustments and add support code to make this even
easier for many applications.  I'm certainly open to suggestions,
because if it can be done, then you bet we'll do our best to make it
happen :)

Cheers,

Les

On Wed, May 14, 2008 at 4:12 PM, Callaway, Pamela <pcallaway@...> wrote:

> Hi folks,
>
> Is there a default behavior for account creation and user management with
> Jsecurity?  I started to flesh out this function and I realized it was
> getting a bit complicated.
>
> Also, is there some way to specify the name of the table used for a
> one-to-many mapping, using the static mapping closure?
>
> Thanks,
>
> Pam

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email



RE: Jsecurity account management and GORM question

by Callaway, Pamela

Hi Les,

I do get what you are saying.  I can see how in many ways user management is domain specific.  In my case, however, and I think in many other cases, I just need some means to do access control for my site, essentially to password protect certain functions.  The barest, most simple kind of authentication and access control.

Grails quick-start got me 90% of the way there, but when I went to add in user management, I realized it was a bit more complicated than I thought.

It would be really cool if, in addition to adding some basic classes and a login, the quick-start script also generated controllers and the CRUD views for those basic classes.  These functions are not quite straight-forward, and probably anyone using the "quick-start" would want them anyways.

So far what I've done is grails generate-all JsecUser, then I realized the view showed the password hash, so I had to change the view to ask for a new password, verify it, and then encrypt/hash the password before saving.  I added a setPassword function to the class to do this.  Then I had to modify the security filter to only let admin users get to the user admin page.  Then I realized that you also have to be able to add a person to a particular role.  Then I realized the tables that are generated (like jsec_user_role_rel) don't follow the GORM naming/mapping convention, and that's where I got stuck, trying to get the roles for a user automatically loaded as a "hasMany" relationship through GORM.

It would be really cool if grails quick-start did all this very basic grunt work for you, or if there was a second command that would do the controller and views for you.  I'm talking simplest, most basic authentication and access control - "I have this spiffy app I wrote but I don't want all of it open to the whole world, just specific users for this section" - sort of thing.

I would be happy to donate my classes and views, assuming I can get them working properly!  I am trying to add the whole CRUD interface for JsecUser and JsecRole.  I haven't needed the JsecPermission yet.

Is that what you wanted to know?  Does that sound like something possible?

Regards,

Pam

-----Original Message-----
From: les.hazlewood@... [mailto:les.hazlewood@...] On Behalf Of Les Hazlewood
Sent: Wednesday, May 14, 2008 4:31 PM
To: user@...
Subject: Re: [grails-user] Jsecurity account management and GORM question




Re: Jsecurity account management and GORM question

by Peter Ledbrook-2

> It would be really cool if, in addition to adding some basic classes and a login, the quick-start script also generated controllers and the CRUD views for those basic classes.  These functions are not quite straight-forward, and probably anyone using the "quick-start" would want them anyways.

  http://jira.codehaus.org/browse/GRAILSPLUGINS-148

Cheers,

Peter

--
Software Engineer
G2One, Inc.
http://www.g2one.com/




RE: Jsecurity account management and GORM question

by Callaway, Pamela

Thank you!  I voted for it.

Pam

-----Original Message-----
From: Peter Ledbrook [mailto:peter@...]
Sent: Thursday, May 15, 2008 2:04 AM
To: user@...
Subject: Re: [grails-user] Jsecurity account management and GORM question
