On Monday, March 4, 2002, at 09:53 AM, Colin Chalmers wrote: > 1. How does the group see Ldap fitting into Turbine as a whole and the > security in particular?
The main application we would use at work would be authentication. Could be as minimal as login password, first and last names. Many of our clients want to be able to reuse their existing Active Directory, or other authentication service. As opposed to maintaining duplicate sets of users and their credentials. > 2. Should it be possible to use both a database & Ldap backend at the > same > time? Yes. In our application, we would need to be able to put extended user information into our database. We would authenticate against the LDAP server and we'd keep a UserProfile table in the database to store data that's not in the existing LDAP server. I haven't given this a lot of thought, but I think this might imply storing the roles and permissions in the database. For our use case, I would like to assume that the client will grant our application only read access. > 3. Should we look into pooling for Ldap access? Not sure if that's > possible > with JNDI. but Netscape has an api where's it's (Pool) already built in. no opinion here. I don't know enough about LDAP administration to know if pooling is necessary or possible. > 4. Should we look at integrating Ldap Objects into Criteria similiar to > how > a query is built up when using a database? This will be necessary in order to make an LDAP implementation of the SecurityService. But I think Criteria is pretty biased towards database queries. Thanks for looking into it. -Eric -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
