Frank W. Zammetti on 14/07/05 17:39, wrote:
We have completely externalized security from all our applications and
have built a fairly robust Security Framework, on top of J2EE security and
LDAP. Further, we are now taking customization and adding it in.
Currently, once a user is authenticated and authorized, it is only THEN
that the application code begins. The application can make simple queries
to get basic user info (name, group, whatever attributes are stored in
LDAP), but things like "what can this particular user do within this
particular app" is still within each app. This is what we are
generalizing and moving out to the framework now. We have some good ideas
about doing this, and keeping it generic enough to work across-the-board,
but I suppose we'll know if we succeeded in a few months.
Going slightly OT but the thread's OT anyway, why does LDAP exist or why
does it get used so much? What advantages does it have over a database,
which all applications have anyway? Why add another technology to the mix?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
