new web app urls discussion
Adam M. Dutko
dutko.adam at gmail.com
Tue Jan 24 13:43:31 UTC 2012
> well, thats hard for people to remember
I understand which is why I explained the "implementation" later in my
original e-mail. As part of the implementation I forsee various
Virtual Hosts which would map to a domain (or sub-domain) but then
rewrites through the central method I proposed in my first e-mail.
These sub-domains (or the other approach yet to be determined) would
then rewrite through the filter. It would scale and it would provide a
step-by-step process for new applications that could be scripted. The
authentication module would probably also help but this approach would
be laborious however possibly worth it in the long-run.
> keep the url constant so it doesn't confuse people.
It would be constant. We would do various things behind the scense
like I mentioned earlier in this e-mail and in my previous one. I
probably should have discussed the "implementation" before the theory
but I figured it was a putting the "cart before the horse."
> carefull with the csrf stuff, and the domains for sharing > cookies.
Yes. The unified RBAC piece would help with this I think. As opposed
to relying on cookies for each sub-domain for authentication the
person would authenticate once, then based on their permissions be
granted access to each application. This might also help in the
long-run because it would force us to move more session data into the
database which over time would help with load-balancing and failover
(not that things are now done poorly, it's just a different approach).
> but thanks for the ideas. ;)
Thank you for considering them and for the continued feedback.
More information about the infrastructure
mailing list