> On Feb 21, 2017, at 11:42 AM, [email protected] wrote: > > Thanks for the reply. In my particular situation, I have to provide > support for both C# and Java. So I was thinking of providing an API that > would wrap all the AAA stuff behind a network interface that both Java and > C# clients could use -- is this even feasible? I should point out that > there will not be a web server or servlet container involved. The AAA > piece would be a plain old Java application.
Back to what was said before. It would be a lot of work (weeks if not months) to re-implement Fortress functionality inside C# — unless you had something like the openldap accelerator overlay that offloads all of the processing required onto another tier -- the ldap server itself. The overlay helps because it separates the functionality between the policy enforcement point (PEP) and the policy decision point (PDP). In the accelerator case the openldap server is the PDP (heavy lift), the C# client is the merely a PEP. *** From the Java side, you simply use the fortress apis as written, no container, or overlay is needed. We already did that work for you inside the SDK.
