[hunchentoot-devel] Re: hunchentoot authorization

[Cyrus Harmon]

Robert,

Yes, I agree. This certainly doesn't have to be part of hunchentoot.  
However, I see an opportunity for lightweight hunchentoot-specific  
user authentication/authorization package that could provide this  
functionality. Moreover, some minor tweaks to hunchentoot might make  
this an easier task. I'd like to stay away from a full-fledged web  
framework ala UCW or weblocks, however, and I'm willing to 1) make  
this library totally hunchentoot-specific and 2) if necessary propose  
modifications to hunchentoot that would facilitate the implementation  
of this library. In particular, the hunchentoot dispatch stuff, while  
flexible, could, I think, be improved in ways that would make the  
implementation of this library more facile. But I'm just brainstorming  
at the moment and don't have any concrete examples, other than the  
fact that meta-dispatch stuff feels like it might be cleaner with some  
sort of CLOS custom method combination might. Then again, it's  
flexible enough that this can be implemented on top of the existing  
stuff with little penalty, so perhaps I should explore that instead of  
just writing windy emails...

Yes, to be clear, this discussion is more about my half-baked ideas  
for the future of hunchentoot-auth than it is about changes to  
hunchentoot to include some user authentication framework.

Thanks for listening,

Cyrus

On Apr 12, 2008, at 5:45 PM, Robert Synnott wrote:

> To me, this seems like pushing Hunchentoot more in the direction of
> being a web framework than just a webserver. Not that there's anything
> wrong with that, of course, but it could probably be just as easily
> done with a library that sits on top and implements a light-weight
> framework.
> Rob