From: Adam R. <ad...@ex...> - 2009-10-30 14:06:49
|
Sorry today is not good for me, I am available over the weekend or next week otherwise... 2009/10/30 Loren Cahlander <lor...@gm...>: > Adam, > I agree with your thoughts. I like the idea of pluggable authentication > modules. Would you be available for a Skype call later today to discuss and > brainstorm? I would like input for the pluggable authentication modules. > from all interested parties > Loren > On Oct 30, 2009, at 06:47 AM, Adam Retter wrote: > > I think you would still need some sort of admin user that is maintained > outside of OpenID. Otherwise what happens if you need to do something with > eXist and your web connection has gone down. > > I would quite like to see a composite authentication system, where > authentication modules are pluggable - you could plug in modules for > "eXist", "JDBC", "System (PAM/NTLM)", "LDAP", and you would be able to set > an order of priority and user authentication would be attempted at each > module in turn until one succeeds. > > Cheers Adam. > > > > 2009/10/29 Loren Cahlander <lor...@gm...> >> >> I am in the process of developing the authentication through OpenID for >> the eXist database. >> According to the document that I wrote >> at https://support.syntactica.com/groups/existsecurity/wiki/04f3c/Steps_to_implement_OpenID_in_eXist.html, >> I need to implement a new SecurityManager class. >> >> A new Java class file will have to be written for maintaining the user >> account files for OpenID. That file will >> beorg.exist.security.OpenIDXMLSecurityManager.java for storing the >> information in an XML resource (/db/system/OpenID/OpenID_users.xml) >> and org.exist.security.OpenIDLDAPSecurityManager.java for storing the >> information in LDAP. >> >> I have also run across the fact that the org.exist.security.User class has >> the password as an attribute within it. I would like to propose the >> attached refactoring: >> <usermodel.png> >> >> What impact would this have on you and do you see any alternatives? >> Loren >> >> >> ------------------------------------------------------------------------------ >> Come build with us! The BlackBerry(R) Developer Conference in SF, CA >> is the only developer event you need to attend this year. Jumpstart your >> developing skills, take BlackBerry mobile applications to market and stay >> ahead of the curve. Join us from November 9 - 12, 2009. Register now! >> http://p.sf.net/sfu/devconference >> _______________________________________________ >> Exist-development mailing list >> Exi...@li... >> https://lists.sourceforge.net/lists/listinfo/exist-development >> > > > > -- > Adam Retter > > eXist Developer > { United Kingdom } > ad...@ex... > irc://irc.freenode.net/existdb > > -- Adam Retter eXist Developer { United Kingdom } ad...@ex... irc://irc.freenode.net/existdb |