My Network users want least of all to remember a new password and account for
applications on the network. As it is, passwords change every 60 days on the
Domain.
I am just starting Win2K Server Deployment. Active Directory is a data base,
but I am not clear to date what DBMS that is. I have a "Turbine" application running
on a Linux box and MYSQL as the DB. Can Turbine connect to MYSQL and the "AD" database
at the same time via JDBC. Can you explain to me what the Ldap backend service is?
Donald Duquaine
Analyst / Network Administrator
STL Tampa
(813) 885-7427
[EMAIL PROTECTED]
-----Original Message-----
From: Eric Dobbs [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 04, 2002 8:45 PM
To: Turbine Users List
Subject: Re: Antw: Turbine + NT login/Active Directory
On Monday, March 4, 2002, at 09:53 AM, Colin Chalmers wrote:
> 1. How does the group see Ldap fitting into Turbine as a whole and the
> security in particular?
The main application we would use at work would
be authentication. Could be as minimal as login
password, first and last names. Many of our
clients want to be able to reuse their existing
Active Directory, or other authentication service.
As opposed to maintaining duplicate sets of users
and their credentials.
> 2. Should it be possible to use both a database & Ldap backend at the
> same
> time?
Yes.
In our application, we would need to be able to
put extended user information into our database.
We would authenticate against the LDAP server
and we'd keep a UserProfile table in the database
to store data that's not in the existing LDAP
server. I haven't given this a lot of thought,
but I think this might imply storing the roles
and permissions in the database. For our use
case, I would like to assume that the client will
grant our application only read access.
> 3. Should we look into pooling for Ldap access? Not sure if that's
> possible
> with JNDI. but Netscape has an api where's it's (Pool) already built in.
no opinion here. I don't know enough about LDAP
administration to know if pooling is necessary or
possible.
> 4. Should we look at integrating Ldap Objects into Criteria similiar
> to
> how
> a query is built up when using a database?
This will be necessary in order to make an LDAP
implementation of the SecurityService. But I
think Criteria is pretty biased towards database
queries.
Thanks for looking into it.
-Eric
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
