If you can find a means to make java code authenticate against DACS, then it would be easy enough to write an Acegi AuthenticationProvider that talks to it.
On 1/19/07, Krystian Nowak <[EMAIL PROTECTED]> wrote: > Do you think it is possible to include DACS (http://dacs.dss.ca/) as a > authentication adapter (just as it is with Yale's CAS)? There were talks > about the future of authorization in OSS GIS GeoServer > (http://docs.codehaus.org/display/GEOS/Home) which heavily uses Spring, > so it would be natural to use Acegi. On the other hand there is an Open > Geospatial Consortium (OGC) standardising organisation for GIS software > and one of their implementation for security used in demos is DACS. The > problem is that DACS is native application whereas the GeoServer is a > Java webapp. > > Maybe you have some ideas or already have head about works between DACS > and Acegi? Do you find it possible to integrate in any scope (just > authentication or maybe even more - to simulate DACS-like authorization > using Acegi)? > > Below there is an email on these talks. If it's not clear for you, > please, do not hesitate to ask questions to make it more informative. > > Thanks in advance for your help! > > Kind regards, > Krystian Nowak > PSNC > > > -- > Krystian Nowak > [EMAIL PROTECTED] > =========================================== > Poznan Supercomputing and Networking Center > Poland, 60-814 Poznan, Zwierzyniecka 20 > tel. (+48 61) 8582159 fax. (+48 61) 8582151 > http://www.man.poznan.pl > =========================================== > > > -------- Wiadomość oryginalna -------- > Temat: Re: Authentication and authorization status in OGC-compliant OSS > GIS software > Data: Thu, 18 Jan 2007 10:36:48 -0800 > Nadawca: Barry Brachman <[EMAIL PROTECTED]> > Odpowiedź-Do: [EMAIL PROTECTED] > Adresat: Krystian Nowak <[EMAIL PROTECTED]> > Kopia: [EMAIL PROTECTED], [EMAIL PROTECTED], > [EMAIL PROTECTED], [EMAIL PROTECTED], > [EMAIL PROTECTED], [EMAIL PROTECTED] > > > Hi all -- > > Some of this thread was forwarded to me. As the principal designer and > implementor of DACS, I thought I might be able to comment a little on a few > things that caught my attention. > > >Jody Garnett napisa³(a): > >> I know DACS has been used in an OGC context > >Is it an OGC standard or only at OWS as demo? > > DACS is not an OGC standard. > It was the subject of three OGC initiatives: CIPI 1.1, CIPI 1.2, and OWS-3. > That work mainly dealt with understanding and solving authentication and > authorization interoperability issues, and some of the results of those > projects were integrated with DACS. As far as I know, nothing is currently > being done by the OGC with DACS. > > >> what is the benifit for ACEGI? Ah it is a spring security > >> system ... > > I don't know anything about Acegi (http://acegisecurity.org) other than > what I have read on their home page, so I really can't comment on it or > compare it with DACS. But at first glance it looks to me like it is > quite different from DACS in philosophy, implementation, operation, and > feature set. So I suspect the two systems might be aimed at different > audiences. > > As for CAS, it is simply an authentication method, and it is one of many > methods supported by DACS. > > Regardless of how authentication is performed, DACS creates a common > internal representation ("credentials") which is then exported from DACS > to a client, and later sent by a client to DACS with its request. In > theory at least, DACS does not care how credentials are transmitted - in > an HTTP cookie, via an HTTP extension header, within a URL, or as an > argument - these are all possibilities. Clients, which can be > middleware, can ask DACS to "decode" or export credentials, so a DACS > identity can easily be converted to some other representation, and > importation to DACS from other representations is also possible. > Middleware can ask DACS to create credentials. > > The authorization side of DACS is largely separate and independent of > the authentication side. You do not have to use DACS authentication in > order to use the DACS access control rule-processing engine. > > I also can't comment on GeoServer. I believe that, like Acegi, it is a > Java application, and DACS being C/C++ software, people who prefer a > pure Java solution might not be happy with a system that must use JNI. > Supporting DACS as an optional, third-party component of GeoServer might > be a possibility though. > > One other thing that I noticed: > >>> Do you know if there is any way to integrate Acegi with DACS? > > I don't really understand this question because the two systems are > quite different, yet in broad terms, do the same kinds of things. So > I'm not sure what it would mean to integrate Acegi with DACS. It might > be possible for Acegi to use DACS's authentication components, its > access control component, or both, but that's probably a question to ask > the Acegi folks. And there's also that pesky "pure Java" issue. > > It might be possible for the two systems to interoperate, but I don't > think that's what you're talking about. > > I apologize if I've gotten off topic or confused things. > I'd be happy to answer any questions that anyone has about DACS. > > Barry > > > ** Barry Brachman, Ph.D. > ** Distributed Systems Software, Inc. > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
