Jose González Gómez wrote:
>
> Ian,
>
> We are talking here about internal users. The directory I'm accessing
> keeps a copy of the structure of the organization I'm making the
> application for. As you say, I use this directory to give different
> access rights to each users regarding their absolute and relative
> position (a manager may authorize requests from employees under his
> organizational unit, but not in others). Anyway, there is some info
> specific to the application that cannot be kept in the directory, so I
> use my database for this purpose.
>
> Under this scenario it made sense for us to make some abstraction
> that would isolate us from LDAP and database access, and we thought of
> an entity bean representing our users. Keep in mind that we have also
> the application administrator role, that may change permissions for
> other users. Our entity bean provides us methods for all those things:
> asking for permissions, asking for relation between two employees,
> changing rights for an user,...
>
> Any thoughts about this?
My thoughts are that what David Bullock wrote is correct:
David Bullock wrote:
>
> When I was doing research on using LDAP some time ago now, I thought how
> neat it would be to be able to use LDAP like a database. However, the
> recommendations I came across always said that it was best to keep your
> primary data-store in a real RDBMS, and to replicate the information to
> your LDAP server, which was your way of distributing this information
> to the rest of the organisation.
Ian McCallion
Alexis Systems Limited
Romsey, UK
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
