A long time ago (maybe one or two years) there was a discussion about a new authentication & authorization implementation for Turbine. It never got around to anything, but I did give it a lot of thought. I just want to point out that it would be VERY desirable for such a service to be very pluggable:
1. have a very simple interface-based API. 2. have pluggable back-ends (LDAP, RDBMS, XML files, null implementation) I have not seen any of the code you guys mention here, but just wanted to point this out. Apologies if I'm stating the obvious; the Turbine people came to these conclusions after facing a lot of problems with their security service, which is hard-wired and next to impossible to replace with a different back-end (it is RDBMS-based). Regards, -- Gonzalo A. Diethelm [EMAIL PROTECTED] > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 11, 2003 16:14 > To: Avalon Developers List > Cc: [EMAIL PROTECTED] > Subject: Re: RE: Cornerstone UsersManager > > > If you would you like to get involved with the project just start > posting to > the dev list? I can help you get acclimated so we could work towards a IM > (identity managment) infrastructure concurrently. We're working now on a > revised architecture code named 'Eve' - she has a really nice > design but is > very skeletal right now. It all centers around a server side JNDI LDAP > provider. Its a good time to get involved. By November I think > we can have > basic embedding functionality and a baseline for IM services and AAA. > > Alex > > > > From: Vincent Tence <[EMAIL PROTECTED]> > > Date: 2003/09/11 Thu PM 03:15:45 EDT > > To: "'Avalon Developers List'" <[EMAIL PROTECTED]> > > Subject: RE: Cornerstone UsersManager > > > > LDAP sounds good to me. IIRC, the only backstore implementation in the > > aaa4Avalon project uses XML files and was meant for > demonstration purposes. > > LDAP would be a good candidate for a more serious implementation. > > > > > -----Original Message----- > > > From: Alex Karasulu [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, September 10, 2003 7:34 PM > > > To: 'Avalon Developers List' > > > Subject: RE: Cornerstone UsersManager > > > > > > > > > I highly recommend going the route of LDAP here. Storing > > > user group info > > > within a RDBMS localizes the data. Through LDAP reads are > > > fast and the data > > > can be replicated easily. > > > > > > Perhaps the components for now could be built using an > > > external server. > > > Just pick one. If the JNDI code written does not use server specific > > > features like special controls, then we could swap out an > > > external LDAP > > > server for an embedded one using LDAPd without code changes. > > > > > > Count me in on helping out however I recommend focusing on > LDAP and of > > > course supporting other backing stores. I already have to > > > write code within > > > the LDAPd server to manage its users and groups as a basis for RBAC. > > > Perhaps the code could be reused. The user/group directory > > > information base > > > is what I will start designing soon after I have a newly > > > designed system > > > backend completed for storing this information. > > > > > > -----Original Message----- > > > From: Vincent Tence [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, September 10, 2003 12:07 PM > > > To: 'Avalon Developers List' > > > Subject: RE: Cornerstone UsersManager > > > > > > Hi Alexis, > > > > > > If you're talking about Authentication, Authorization and > > > Auditing, there > > > has been some work done in this area over at sourceforge. The > > > original idea > > > was to create AAA blocks for Phoenix. See > > > http://sourceforge.net/projects/aaa4avalon/ > > > > > > I think there has not been a lot of activity going on > > > recently, but there is > > > already a good code base and some nice ideas there. I had an > > > interest at > > > some point and worked on JDBC features, before our project > > > got cancelled. If > > > this is something you want to revive, I would be ready to > > > help out. Looks > > > like I might be needing that in the near future. > > > > > > - Vincent > > > > > > > -----Original Message----- > > > > From: Alexis Agahi [mailto:[EMAIL PROTECTED] > > > > Sent: Wednesday, September 10, 2003 11:09 AM > > > > To: Avalon Developers List > > > > Subject: Cornerstone UsersManager > > > > > > > > > > > > Folks, > > > > > > > > How about having a cornerstone service for handling users > > > > management / > > > > authentification ? > > > > > > > > Many applications could share same "users" repository using > > > > this service via > > > > composition. > > > > > > > > We also could use vCard (or whatever) as user data structure. > > > > > > > > Users persistency could be done via a UsersStore (persistence > > > > on disk, ldap or > > > > database). > > > > > > > > Ideas ? > > > > > > > > -- > > > > Al > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
