I'm getting confused on your stance here. I don't think turbine would replace
an enterprise user management system ( LDAP, NT Domains, NDS, etc ) or
directory service. But it can/will use these services to perform
validation/authenication/authorization for your applications ( in this case
jetspeed ).
Wouldn't turbine be just another 'application' that would use this user
stuff?
Are you speaking of a case where you cannot store additional information ( as
in our of NT domain auth ) ?
"Schwarz, Marcus" <[EMAIL PROTECTED]> wrote:
> OK, I can understand your position. But the problem is the following:
> if you want to bring application specific stuff into the UM you will
> have a tight integration. I'm sure the most companies will have
> existing User Managements. They will not replace them with Turbine -
> that's too much work. Additionaly it's a tough job to build up a company-
> wide user management system: replacement without any really very good
> arguments is simply to expensive.
>
> Now imagine that we are bringing application specific stuff like the
> information about portlets (we would need to store the information which
> portlets are existing and what permissions are related to it into Turbine)
> into Turbine thru an well-defined API. Then each company would have to
> extend their existing user management solution (in many cases that would
> be 3. party with no chance to extend) with this API to enable the
> authorization.
> That's simply not feasible.
>
> I think it's better to make a seperation; to just let the UM (--> Turbine
or
> anything
> else) handle information who is logged in and which roles are assigned.
> If your are bringing this functionality to Turbine it would be (maybe) good
> for Turbine -
> but very bad for JetSpeed, because the most companies would not be able to
> use it
> without replacing their UM.
>
> Marcus
>
> -----Original Message-----
> From: Jon Stevens [mailto:[EMAIL PROTECTED]]
> Sent: Dienstag, 22. August 2000 19:11
> To: JetSpeed
> Subject: Re: PROPOSAL: role-based authorization concept
>
>
> on 8/22/2000 8:52 AM, "Schwarz, Marcus" <[EMAIL PROTECTED]> wrote:
>
> > You are right, but that's not enough to ensure the authorization parts
for
> a
> > portlet.
> > As a result we are needing a new layer to control access to the
> > functionality of the
> > portlets.
>
> Again...ADD THAT STUFF TO TURBINE!
>
> When something doesn't exist in Turbine, don't think: "We need to add that
> to Jetspeed cause Turbine doesn't have it." Instead think: "We need to add
> that stuff to Turbine cause Turbine doesn't have it."
>
> Turbine is not a closed project that does not accept code contributions. If
> you contribute to Turbine, then you contribute to a much larger scale of
> projects because more people are going to base their code on top of Turbine
> since it is the foundation.
>
> thanks,
>
> -jon
>
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> Archives and Other: <http://java.apache.org/main/mail.html>
> Problems?: [EMAIL PROTECTED]
Jeff Brekke
mailto:[EMAIL PROTECTED]
http://sites.netscape.net/ekkerbj
____________________________________________________________________
Get your own FREE, personal Netscape WebMail account today at
http://home.netscape.com/webmail
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
