Menu
▾
▴
Re: [Exist-development] Developing OpenID for eXist
|
From: Loren C. <lor...@gm...> - 2009-10-30 13:14:49
|
Adam, I agree with your thoughts. I like the idea of pluggable authentication modules. Would you be available for a Skype call later today to discuss and brainstorm? I would like input for the pluggable authentication modules. from all interested parties Loren On Oct 30, 2009, at 06:47 AM, Adam Retter wrote: > I think you would still need some sort of admin user that is > maintained outside of OpenID. Otherwise what happens if you need to > do something with eXist and your web connection has gone down. > > I would quite like to see a composite authentication system, where > authentication modules are pluggable - you could plug in modules for > "eXist", "JDBC", "System (PAM/NTLM)", "LDAP", and you would be able > to set an order of priority and user authentication would be > attempted at each module in turn until one succeeds. > > Cheers Adam. > > > > 2009/10/29 Loren Cahlander <lor...@gm...> > I am in the process of developing the authentication through OpenID > for the eXist database. > > According to the document that I wrote at https://support.syntactica.com/groups/existsecurity/wiki/04f3c/Steps_to_implement_OpenID_in_eXist.html > , I need to implement a new SecurityManager class. > >> A new Java class file will have to be written for maintaining the >> user account files for OpenID. That file will >> beorg.exist.security.OpenIDXMLSecurityManager.java for storing the >> information in an XML resource (/db/system/OpenID/OpenID_users.xml) >> and org.exist.security.OpenIDLDAPSecurityManager.java for storing >> the information in LDAP. >> > I have also run across the fact that the org.exist.security.User > class has the password as an attribute within it. I would like to > propose the attached refactoring: > > <usermodel.png> > > What impact would this have on you and do you see any alternatives? > > Loren > > > ------------------------------------------------------------------------------ > Come build with us! The BlackBerry(R) Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart > your > developing skills, take BlackBerry mobile applications to market and > stay > ahead of the curve. Join us from November 9 - 12, 2009. Register now! > http://p.sf.net/sfu/devconference > _______________________________________________ > Exist-development mailing list > Exi...@li... > https://lists.sourceforge.net/lists/listinfo/exist-development > > > > > -- > Adam Retter > > eXist Developer > { United Kingdom } > ad...@ex... > irc://irc.freenode.net/existdb |
