On Tue, May 12, 2009 at 12:03 PM, Mark H. Wood <mw...@iupui.edu> wrote: > I've been working to integrate single-signon code which needs to fetch > some identity data from an LDAP directory when creating a new EPerson. > It seems to me that this is wrong; if such data come from an external > service, DSpace should just get them that way whenever they are > wanted. Yes, we need a way to identify an account with a person or > role in the physical world, but we shouldn't be maintaining possibly > stale duplicate information if we don't have to. > > What I'm thinking is that EPerson should be skinned down to just the > minimum that DSpace needs for its own operation. One of those > data would be, "where do we get identity data for this account?" Then > a plugin can be consulted for those data.
MarkW, I think you'll be happier with the approach used in 2.0, it is in fact, very skinned down like your suggesting. We really could use people looking at the 2.0 architecture and thinking "How can we port some of this to 1.x" and I think this is an ideal case for doing just that. > The profile page would need to make some fields writable or read-only > depending on whether the native DSpace identity plugin or some other > is used. A plugin could (if it choose) provide URLs to be provided in > the profile page, linking to "for more information" or even "for the > enterprise management page for this account". I'm actually looking at storing a "Profile" of someones Identity (I.E. Submitter, Author, Publisher) as a separate "Entity" to that of the login User/Identity. This clearly separates the Authnz details away from the metadata about a user that may be used within the system for capturing descriptive details about an agent in the system. IMO, this will minimize the need to store explicit detail about every User of the system over the lifetime of the archive. -MarkD -- Mark R. Diggory @mire NV USA http://www.atmire.com ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com _______________________________________________ Dspace-devel mailing list Dspace-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-devel
