LDAP is commonly used for security systems (for example: M$ Active Directory and Novell's NDS are both LDAP implementations), and so using them for applications (instead of a database) lets you leverage existing security settings so you do not have to duplicate them.
Larry On 7/15/05, Adam Hardy <[EMAIL PROTECTED]> wrote: > Frank W. Zammetti on 14/07/05 17:39, wrote: > We have completely externalized security from all our applications and > > have built a fairly robust Security Framework, on top of J2EE security and > > LDAP. Further, we are now taking customization and adding it in. > > > > Currently, once a user is authenticated and authorized, it is only THEN > > that the application code begins. The application can make simple queries > > to get basic user info (name, group, whatever attributes are stored in > > LDAP), but things like "what can this particular user do within this > > particular app" is still within each app. This is what we are > > generalizing and moving out to the framework now. We have some good ideas > > about doing this, and keeping it generic enough to work across-the-board, > > but I suppose we'll know if we succeeded in a few months. > > > Going slightly OT but the thread's OT anyway, why does LDAP exist or why > does it get used so much? What advantages does it have over a database, > which all applications have anyway? Why add another technology to the mix? > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]