Re: ldap securitystore / problem configuring simple example JAASAuthentication

2005-01-18 Thread Robert r. Sanders 
Miguel Figueiredo wrote:
Hello folks,
I have a comment about out-of-box software ldap-enabled. It is very good to
have a ldap implementation distributed alongside with our software, but will
the clients want it? I believe most enterprises have already an
authentication server, and they won't feel right to have another server to
configure and maintain, just because our software needs it.
To solve this, one solution could be to distribute our software with easy
LDAP configuration GUIs, that would connect our software with the client's
enterprise Active Directory/LDAP server. Another solution would be to ship
with our software an ldap cached proxy. The configuration GUI would still be
needed but the good thing is that our software wouldn't slow down because of
the remote ldap server and that same remote ldap server wouldn't slow down
because of our software.
Anyway, the first solution means that we don't need to distribute any ldap
server implementation! ;)
Best regards,
Miguel Figueiredo
 

Just thought I'd drop you a quick note on options that might make your 
option #1 a lot faster: I don't know what kind of data store your 
thinking about using; maybe something like embedded HSQL?  Anyway, if 
its anything like that you might want to look at:

http://free.tagish.net/jaas/doc.html   <- LGPL implementations of JAAS 
for a couple of different backends.

And again with acegi (Apache license); I haven't had a chance to get 
into it yet, but it appears to support JAAS authentication against a 
wide varient of backends, with all sort of different options, see:
   
http://acegisecurity.sourceforge.net/multiproject/acegi-security/apidocs/index.html

--
   Robert r. Sanders
   Chief Technologist
   iPOV
   www.ipov.net
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: ldap securitystore / problem configuring simple example JAASAuthentication

2005-01-18 Thread Miguel Figueiredo 

Hello folks,

 I have a comment about out-of-box software ldap-enabled. It is very good to
have a ldap implementation distributed alongside with our software, but will
the clients want it? I believe most enterprises have already an
authentication server, and they won't feel right to have another server to
configure and maintain, just because our software needs it.

 To solve this, one solution could be to distribute our software with easy
LDAP configuration GUIs, that would connect our software with the client's
enterprise Active Directory/LDAP server. Another solution would be to ship
with our software an ldap cached proxy. The configuration GUI would still be
needed but the good thing is that our software wouldn't slow down because of
the remote ldap server and that same remote ldap server wouldn't slow down
because of our software.

 Anyway, the first solution means that we don't need to distribute any ldap
server implementation! ;)

 Best regards,
 Miguel Figueiredo



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: terça-feira, 18 de Janeiro de 2005 16:53
To: Slide Users Mailing List
Subject: Re: ldap securitystore / problem configuring simple example
JAASAuthentication

Hi Jason,

First of all, I want to thank you for your prompt and clear answers! 
Thanks!

> LDAP is a good candidate for this. It is a standard and fairly well
> supported, so integrating third-party applications should be easier than
> with a custom solution.
I taught about it as well, but our application is completely 
self-contained and written in native Java. So if we choose LDAP as user 
base, we have to provide a (fully configured) LDAP server as well, because 
we can't make knowledge about LDAP a requirement for our product. It 
should work out-of-the-box. Our product is available for lots of 
platforms, so we have to find LDAP servers on all the platforms, or a 
fully implemented LDAP server in Java. As far as I know there aren't any 
java open source LDAP servers, except the JavaLDAP project of Clayton 
Donley (not finished) and the commercialization of it.

> If you can store your user and role information in a location Slide
> understands, that will make your life easier. 
Which locations does Slide understand?
- LDAP (via JNDIPrincipalStore)
- ...

Thanks!

David.


--
Inventive Designers' Email Disclaimer:

http://www.inventivedesigners.com/email-disclaimer


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]