[vlma-devel] TODO before releasing

[Adrien MAGLO]

Hello !

> As I've already thought about that, here are my propositions:
>
> 1. I think lots of people would like to delegate authentication to
> an existing system (their own LDAP, CAS or database) so I still hesitate
> between providing a simple built-in authentication mechanism and using a
> complete authentication and authorization framework (like Acegi) which
> would let people configure it to fit to their environment.

Integrating acegi could be a good idea. But I think that for the first
release we can let the users do with their own systems (htaccess, SSL ...).
In my optinion other problems you mentionned below are more important.

> 2. One could save them to a predefined location (like
> /var/lib/vlma/rrd) and then export them to the web thanks to a servlet
> which would convert a FileInputStream to a ServletOutputStream. Another
> solution would be to write the graphs directly to a web exposed
> directory, but I'm not convinced by this solution because of security
> reasons.

Servlet solution seems very complicated to me. I'm not at all aware of
that. However if this is the best solution, then let's go.

> 3. To work around this problem, hudson embeds a very lightweight servlet
> container (Winstone, http://winstone.sourceforge.net/). I think this is
> a good idea.

Why not. But we should also check that the war we generate with Maven
can well work alone on Tomcat servlet engine.

> 4. Save it to ~/.vlma/config.xml ?

Yeah ! In the home of the user who launchs the deamon.

> Waiting for your thoughts. :-)

That was my thoughts. Thanks for yours !

Sorry for my bad english.

-- 
MagSoft