4

I'm working on an application that had basic requirements for authentication in the first version (i.e. think single administrator login), and now I have a requirement to extend this to allow for different users, roles, and permissions.

It has been suggested that I attempt to integrate with an existing product we have that does this sort of thing as a separate server for basic authentication, or also extending to second factor authentication. The application I'm working on is a small, downloadable application that is supposed to be easy to set up and have running. The other product is large and 'enterprisy', requiring manual setup, which I could try to do automatically for what I need (maybe).

The big problem is that when described as a feature set of what we'd like to do in my product, it maps up perfectly with what the other product does, but it's not in a form that I can use it. Management wants integration with the other product, because it seems intuitive that we could leverage that, but the other product isn't in a form that I could use. i.e. thinking of it in terms of MVC, I don't think there's a way to separate the view from the model.

The other thing I'm concerned about, which has happened in the past, is that if I'm asked to integrate with this that I'm going to be the one doing all the integration work, and if something cannot be done from the other product, then I'm just out of luck. Integration with my product is secondary to anything the other team would want, and my team isn't a 'customer', so there's little motivation to get them to fix or add stuff for us.

So, in summary, my question is: I don't want to reinvent the wheel, but should I attempt to force a square peg into a round hole by trying to use a product that does what I need, but not in a form that's easy to reuse?

edit: I'm using Java, so Spring Security is an option.

yannis
  • 39,547
  • 40
  • 183
  • 216
Shawn D.
  • 1,361
  • 1
  • 12
  • 14
  • 3
    Hmm... it sounds like you need a round-peg wrapper-library around the square peg! ;) – FrustratedWithFormsDesigner Aug 02 '11 at 15:56
  • Yeah, just wondering if it's more trouble than it's worth to try to wrap up a separate server transparently. :-S – Shawn D. Aug 02 '11 at 16:04
  • 1
    if you need to add roles and users and permissions to your security code, it sounds like you already reinvented a wheel. There are security frameworks for every major platform that do all this stuff. – Kevin Aug 02 '11 at 16:11
  • Break down the two choices. List what the risks are. Then stand back and let your boss decide. It sounds like you should simply create your own mini-wheel but ( again ) let your boss decide with the unstanding 100 hours from now you might say "NOT POSSIBLE". – Ramhound Aug 02 '11 at 16:16
  • see also: [Does software reuse preclude process repeatability](http://programmers.stackexchange.com/q/204807/31260) – gnat Jul 17 '13 at 12:47

3 Answers3

3

If the code wasn't written for re-use upfront you're going to have to re-architect it/refactor it so that it does. In doing so you're going to risk the stability of the existing platform. Management always wants "re-use" because they think it means less time. But they haven't looked at the code and they don't know the details and that assumption is not always true. And it's up to you to explain why.

You don't mention the platform you're using but there are already security solutions for the major MVC platforms. For example java has spring security. Why don't you use a framework built for your platform, where the authors were concerned primarily with reuseability. Then you're not re-inventing a wheel AND you don't have to worry about destabalizing your existing codebase.

Kevin
  • 1,341
  • 8
  • 12
  • .net has its own security provider as well that is well documented and works natively with .net controls – SoylentGray Aug 02 '11 at 16:22
  • @Chad: Isn't it bloated and hard to use? – Coder Aug 02 '11 at 16:46
  • The problem with using a generic framework is that I still end up with something that doesn't do everything our enterprisy product does. So, whether I write it myself or use something like Spring Security, it looks the same to management. – Shawn D. Aug 02 '11 at 16:55
  • @Coder - Hard to use, I dont think so. Bloated - Maybe depending on your needs. But just because a car has air bags doesnt mean that you want to use them. Why reinvent the wheel just because you do not need all of the features it supports. The core product is good. – SoylentGray Aug 02 '11 at 17:30
2

It seems like people too often feel they have two options.

  1. Start from scratch / reinvent the wheel.
  2. Adapt software that wasn't meant for this situation by using a wrapper or making structural changes to an existing framework.

However, there is a third option.

  1. Create a new framework by using the old software as a basis. Reuse any algorithms, methods, what-have-you that fit into the new framework design. Typically, you can save about 50% of the code this way, but you still have a new framework designed for your needs.

Now, whether you do option 2 or 3 depends on whether or not you want to maintain them together or separately. If a wrapper can be easily made and the only software will be continued to be maintained.. then thats probably the best option.

user606723
  • 1,169
  • 9
  • 13
1

You know, you can always force a square peg nicely into a round hole by using an adapter. Why not hide the other module behind an interface that fits your needs? If that's possible, there's only little that speaks against integrating the software.

I once had to integrate Microsoft Access without COM-Interop into an existing application for reporting purposes. I had to integrate a TCP server into the Access-Project and force Access Windows into my application. I had a bad feeling about this when I wrote it. It seemed like a fragile mess. But it really wasn't.

I hid everything behind interfaces and in the end it worked great, the users were delighted and it was easy to use. Thanks to the interface, Access can be exchanged for something better when the time comes.

Falcon
  • 19,248
  • 4
  • 78
  • 93