Two more for good measure :-) 5. Migrating from Unbound ID LDAP SDK to Apache LDAP API - http://events.linuxfoundation.org/cfp/proposals/4828/4086
Fortress has recently moved to Apache Directory as sub-project. An important aspect of this move was migrating internal Fortress data access calls from UnboundID to Apache LDAP client API. This discussion covers the rationale and results of this effort and includes the results of benchmarks. It provides tips and code that other projects may need for similar migrations. Additionally it will provide info for Netscape/Mozilla LDAP client migration. 6. The Case for a Policy Decision Point inside the Directory - http://events.linuxfoundation.org/cfp/proposals/4828/4085 Performance characteristics of processes change as they get moved around the network. Bound by network io? Move the database daemon to the same tier as the client process. Too much file io? Store the data in memory as opposed to disk. etc… These same options apply for system architecture with respect to security. Location of policy enforcement, decision, and database processes hugely impact the overall welfare of your organization’s computational systems. What happens when we move the policy decision point inside of the directory server? This talk will discuss a proposal to host an RBAC policy decision point (PDP) inside of Apache DS. It will discuss the different options for PDPs along with their associated pros/cons. On 01/23/2015 09:56 AM, Shawn McKinney wrote: > Hello! > > I have submitted the following proposals for talks to ApacheCon North America: > > 1. The Anatomy of a Secure Web application using Apache Fortress - > http://events.linuxfoundation.org/cfp/proposals/4828/4076 > > Although the Java EE architecture provides the necessary enablement, most > developers do not have the time or the training to take full advantage of all > the available tools. This technical session describes and demos an end-to-end > application security architecture using Apache Wicket and Fortress. It > includes practical, hands-on guidance to properly implementing > authentication, authorization, and confidentiality with Java EE security. In > addition to finding out where the security controls must be placed and why, > attendees will be provided with code they can use to kick-start their own > highly secure Java web applications. > > 2. RBAC enable your Java Web apps using Apache Directory and Fortress - > http://events.linuxfoundation.org/cfp/proposals/4828/4078 > > Fortress has recently been added as sub-project to the Apache Directory > project. This session will provide an overview of the project and its roadmap. > > 3. Using Roles for Access Control is not Role-Based Access Control - > http://events.linuxfoundation.org/cfp/proposals/4828/4077 > > Misnomers abound as to what constitutes a working role-based access control > (RBAC) system. With ANSI RBAC, groups are not roles and resource connections > are not sessions. This presentation explains what ANSI RBAC is and how it can > be applied. It dispels long-standing myths. Additionally you’ll receive tips > on how to implement a successful RBAC program using well-established best > practices. The session also introduces you to Apache Fortress, a fully > compliant RBAC implementation. > > 4. The Case for RBAC Standardization in the Directory - > http://events.linuxfoundation.org/cfp/proposals/4828/4079 > > Discussion about efforts to standardize the RBAC protocol in the directory. > The standardization covers two broad areas: > > 1. A standard LDAP schema for RBAC > 2. A standard LDAP protocol for RBAC > > Topics of discussion include the status, rationale and technical details of > these standardization efforts. > > Any comments welcome. > > Cheers, > > Shawn > > On 12/28/2014 05:35 AM, Pierre Smits wrote: >> Hi All, >> >> Our talks held at Apachecon US 2014 in Budapest, on the various subjects >> related to our projects and its products, were a huge success: I experienced >> packed rooms while Emmanuel and Shawn shared their insights and experiences. >> This truly shows that we don't just do our contributions for ourselves, but >> that our solutions are in demand and that people are interested in how we do >> things in our project. >> >> The talks held were: >> >> * RBAC Authorization with Apache Directory Server and Fortress >> * LDAP Testing: Does it have to be a Nightmare? >> >> As has been anounced by the board, we have a new opportunity to promote our >> project, our solutions and our viewpoints on the various aspects of Identity >> & Role Management, Authentication & Authorisation, the progress in our sub >> projects and directions for the future (and more) at the upcoming Apachecon >> US 2015 event. This event will be held on the North American continent in >> Austin, Texas, USA from April 13th till April 17th, with conferences during >> the first 3 days. >> >> So I start this thread to investigate whether there is an interest to >> participate and hold talks again at the upcoming event. Think about: >> >> * The state of the project >> * How our product X enables/supports company 1 >> * How our product X enhances product Y >> * etc. >> >> What do you think? >> I am sure that the greater subject of "User, Role, Identity Enablement & >> Control" can spawn a lot of (suggestions or ideas of) talks. >> >> To give you a heads up on the upcoming event, I list some reference pages >> below: >> >> * http://wiki.apache.org/apachecon/FrontPage >> * http://wiki.apache.org/apachecon/ACNA2015ContentCommittee >> >> >> Best regards, >> Pierre Smits >> >> *ORRTIZ.COM <http://www.orrtiz.com>* >> Services & Solutions for Cloud- >> Based Manufacturing, Professional >> Services and Retail & Trade >> http://www.orrtiz.com <http://www.orrtiz.com/> >
