Authentication and Autorization

Feb 8, 2010 at 5:32 PM

Hi there,

Thank you again for sharing this solution with us. I have a question for you guys.
How hard can it be to hook up Rhino.security instead of using OpenId?
Hope you can help,

fromano2802

 

Coordinator
Feb 9, 2010 at 9:56 AM

I've been meaning to play with Rhino.Security for a number of months - but have never got the chance - I know there are several threads on the #arch google groups on the topic. I'm intending to use it on a project I'm starting in a couple of weeks - but it's not on the backlog for WCHM.

If you have any samples - or decided to implement it yourself - I'd be very interested in seeing if we can integrate it.

Regards,

Howard

Feb 9, 2010 at 4:03 PM

Hi Howard,

I was able to run this example:
http://groups.google.com/group/sharp-architecture/browse_thread/thread/ae5de6fd10cf33ac/ca1a20252302aa4d?lnk=gst&q=rhino#ca1a20252302aa4d

I am also looking at the winecellar example which also (in a totally unrelated matter to this thread) implements AOP logging (I am planning to use it):
http://bartreyserhove.blogspot.com/2008/11/aspnet-mvc-and-rhino-tools-sample.html

Anyway, I will keep you posted if I can implement it successfully.

fromano2802

Feb 9, 2010 at 9:09 PM
fromano2802 wrote:

How hard can it be to hook up Rhino.security instead of using OpenId?

OpenId is concerned authentication (who are you?). Rhino Security is concerned with authorization (what are you allowed to do?). The two are mutually exclusive, and can be used together if desired.

 

Feb 9, 2010 at 9:27 PM
howardvanrooijen wrote:

I've been meaning to play with Rhino.Security for a number of months - but have never got the chance - I know there are several threads on the #arch google groups on the topic. I'm intending to use it on a project I'm starting in a couple of weeks - but it's not on the backlog for WCHM.

If you have any samples - or decided to implement it yourself - I'd be very interested in seeing if we can integrate it.

Regards,

Howard

Howard,

I've been doing a lot of research on Rhino Security as well, and am also planning to get it integrated into my WCHM derived app soon.

The main sticking points I forsee are version conflicts between Rhino and NHib (depending on which version WCHM is using), and troubles with configuration when Fluent NHibernate is used.

From what I understand, Ayende by popular demand is working on a real reference/sample app for Rhino Security, which I think (haven't asked him) is located here:

http://github.com/ayende/Advanced.NHibernate

 

Is this something you'd like to work on together? If WCHM were on GitHub we could do a public github "fork" repo with the work. In fact, this was what I intended to do whether or not WCHM is on GitHub or not :D

As fromano2802 mentions, the WineCellarManager app uses Rhino, but the last time I looked (a couple of weeks ago), it's implementation was not up to date with the improvements detailed on Bart's blog.

Feb 9, 2010 at 10:04 PM
martin_aatmaa wrote:
fromano2802 wrote:

How hard can it be to hook up Rhino.security instead of using OpenId?

OpenId is concerned authentication (who are you?). Rhino Security is concerned with authorization (what are you allowed to do?). The two are mutually exclusive, and can be used together if desired.

 

 Hi Martin,

I see your point. Unfortunately I can't use OpenId because I am designing an intranet app and I need to store the user accounts locally. I thought that Rhino Security could be used both for authentication and authorization in a way similar to the WineCellamanager app. Please correct me if I am wrong.

Thanks,

fromano2802