John Hascall <[EMAIL PROTECTED]> writes:
> Russ Allbery <[EMAIL PROTECTED]> writes:
>> Stanford currently very much loses on this, in a wide variety of ways.
>> We really only have one authorization system that copes correctly with
>> role status changes (provided that it's used properly), and it only
>> knows how to talk to the financial system and isn't (currently) usable
>> as a general authorization solution. There is some active work in the
>> Internet2 arena on this, but not to the point where I think people are
>> deploying it.
>
> The problem with the Internet2's work in this area
> (i.e., Signet and Grouper) is that
> they seem like they've never met a problem
> that they didn't think the answer to it was:
>
> while (problem) {
> Throw the most complicated XML and Java possible at it.
> }
>
> (And they forgot to catch deathByBloatAndComplexityException)
Yeah, I should probably not get started on that. (Signet is essentially
the next generation of Authority Manager, which is the above-mentioned
application that talks to the financial system.)
Our middleware group is very fond of Java and XML.
I'm, er, not so much. (Although XML does have its place.)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
