Re: Authorization and SSO server for ofbiz offer

Wed, 20 Dec 2006 06:55:35 -0800 

Hi Philip!
Thanks for the heads up. You project is probably something I have been looking for for quite some time. 

On the question about the fit with OFBiz:


Does OFBiz provide any means for delegating both authentication and / or 
authoriation to somewhere outside it's own database right now? Does 
OFBiz use JAAS for example? Could I use objects in some LDAP directory 
to authenticate and / or authorize users in OFBiz?



I don't think I'd have that much of a voice here, but to me, introducing 
the option to delegate AAA for OFBiz to any existing system makes all 
the sense in the world. People just have too many passwords to remember.


Just my 2 cents.

Regards,
Torsten

spamsucks schrieb:

Is springframework a problem?


I could switch out hibernate to something else, since most of the fun is 
in lucene.



Do you understand what authsum could bring to ofbiz?  It could tell you 
what customers you can place an order on behalf of in a split second.



Phillip

----- Original Message ----- From: "Jacques Le Roux" 
<[EMAIL PROTECTED]>

To: <[email protected]>
Sent: Tuesday, December 19, 2006 4:08 AM
Subject: Re: Authorization and SSO server for ofbiz offer



Phillip,


Just about licence : only Hibernate is really a problem since it's 
LGPL licenced



BTW you may consider using Entity Engine in place of 
Hibernate/Spring/Tapestry because I can't see how all that would fit 
in OFBiz

:o)

It's up to you...

Jacques


----- Original Message ----- From: "Phillip Rhodes" 
<[EMAIL PROTECTED]>

To: <[email protected]>
Sent: Tuesday, December 19, 2006 4:57 AM
Subject: Authorization and SSO server for ofbiz offer



Hi,
My name is Phillip Rhodes, and I have been a java developer since '96,
and have integrated apps with Oracle 11i ERP systems, Tibco, Vertex, sso
and all kinds of interesting projects...


I have a project called "authsum" , think of it as "sum of 
authorizations"

http://www.authsum.org/

Good summary architecture diagram:
http://www.authsum.org/overview/index.html

In summary, it's a SSO/Identity server.  It communicates with client
applications via a JDBC or Web services api to figure out what
authorizations a user has.  The authorizations are stored in a lucene
index, so it's fast (given how enterprises can have complicated
group/role structures).

Anyway, just wanted to know if it would be possible to bolt this into
ofbiz.  I would be willing to give the authsum code the same license
(apache).  Unfortunately, it uses hibernate/spring/tapestry (open source
products) .

It would also "complicate things" because it consists of 4 different
webapps that can be run in a distributed environment.  But it also has a
SSO so that it could provide SSO across ofbiz/registration/user
admin/CMS/etc...

Just putting a feeler out.
Phillip



























					Reply via email to