On Jul 31, 2010, at 2:13 AM, Daniel Henze wrote: > Thanks Kalle and Pierce for your feedback, it's interesting to read a little > more about other experiences. I can completely understand the login form > issue, something I stopped considering after a short period of time. The > tynamo project has some really interesting projects and it seems security is > offering me the best combination of tools for what I'm trying to achieve. For > now I'll be using a workaround to achieve what I'm doing. Though deadline is > approaching quickly, I am considering switching security implementation > before go live. > > What would you estimate is the amount of work required to implement Shiro > Security if current setup uses Spring Security?
Hmmm, I would say it took my about 20% of the time it took me to get spring security working, and during that time I added some components to the tapestry-security project. There are now equivalents for every spring security component in tapestry-security. So you can migrate those in about 5 minutes of searching/replacing. You'll have to implement a Login form page, but there's sample code for that that you can cut/paste. You'll have to implement a realm. In my case, the main holdup was that the number of significant letters in my brain is about 4, so I kept getting: authorization authentication Confused. In Shiro, one of them means "looking up what privileges/roles a user has", and the other means "checking whether a user matches their credentials (username/password)". So if you keep those straight, that makes things easier. Pierce
smime.p7s
Description: S/MIME cryptographic signature
