Hi, I'm pretty sure I know which project that was. :-) In this case, there was a legacy system managing the user data which was tied to a proprietary software package with sometimes very weird restrictions. So basically, we couldn't get rid of that legacy system and didn't have the capacity to rewrite it. Instead, we decided to put an API in front of it that all the new (Rails) components could communicate with. Like Nick said, it worked quite nicely.
We couldn't have used the existing LDAP system for administrative reasons, anyway. I guess it would have been possible to set up a separate one for this particular project, but that would just have added an extra layer and not really helped much. That said, I've used LDAP (again an existing installation) in a different Rails project in the meantime, and found it pretty pleasant to work with. Cheers, Olaf On Feb 29, 4:52 pm, Nicholas Faiz <[email protected]> wrote: > Sure, but it depends what you want to set up. My client (a sub-org in a > university) had a LDAP server in the background doing something. But they > wanted this for other reasons (like a sub-organisation). > > > > > > > > On Wednesday, February 29, 2012 3:19:56 PM UTC+11, tim wrote: > > > On Wed, Feb 29, 2012 at 12:29 PM, Nicholas Faiz <[email protected]> > > wrote: > > > Hi, > > > > In a recent project we created an authentication and authorization API > > that > > > ran separately to the main app., and it ended up being my ideal way of > > > handling it (for an app that has belong to to an organisation of any > > > significant size). This turned out to be a great way of doings things for > > > SSO and role clarification (instead of every app inventing its > > understanding > > > of roles, there was a centralised 'source of truth' for them which client > > > apps leveraged). > > > Wouldn't LDAP been a good candidate for something like this? > > On Wednesday, February 29, 2012 3:19:56 PM UTC+11, tim wrote: > > > On Wed, Feb 29, 2012 at 12:29 PM, Nicholas Faiz <[email protected]> > > wrote: > > > Hi, > > > > In a recent project we created an authentication and authorization API > > that > > > ran separately to the main app., and it ended up being my ideal way of > > > handling it (for an app that has belong to to an organisation of any > > > significant size). This turned out to be a great way of doings things for > > > SSO and role clarification (instead of every app inventing its > > understanding > > > of roles, there was a centralised 'source of truth' for them which client > > > apps leveraged). > > > Wouldn't LDAP been a good candidate for something like this? -- You received this message because you are subscribed to the Google Groups "Ruby or Rails Oceania" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rails-oceania?hl=en.
