In an enterprise, what happens is that as applications proliferate, these
authorisation tables proliferate in their own islands with their own tables
created as and when the designers need them. Over time, it is a nightmare.
Creating a user would need updating multiple applications.
LDAP makes good sense as a common repository to share this and other
enterprise data. If you are worried about concurrent updates, there are
different application level strategies to avoid this.
The benefits of directory based authorisation far outweigh the
disadvantages. Especially if your app is e-com or b2b oriented.
-- Aravind
> -----Original Message-----
> From: A mailing list for Enterprise JavaBeans development
> [mailto:[EMAIL PROTECTED]]On Behalf Of Simon Blake
> Sent: Wednesday, 28 June 2000 19:56
> To: [EMAIL PROTECTED]
> Subject: Re:
>
>
> ----- Original Message -----
> From: "Jeff Martin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, June 28, 2000 3:47 AM
> Subject: [EJB-INT]
>
>
> > I would recommend against moving from a database table to an LDAP
> directory.
> > LDAP does not provide any form of transactions which has bitten
> us several
> > times already (races and partial completes abound).
> >
> > Jeff
> >
>
> Also, doesn't LDAP encrypt the password? This makes "forgot your password"
> capabilities difficult (if you wish to have them).
>
> ---
> Simon Blake
> the esperanto Group
> [EMAIL PROTECTED]
>
> ==================================================================
> =========
> To unsubscribe, send email to [EMAIL PROTECTED] and include
> in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
>
>
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
