[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]Re: [DotGNU]Authorization and Security
From: |
Mario D . Santana |
Subject: |
Re: [Auth]Re: [DotGNU]Authorization and Security |
Date: |
Thu, 31 Jul 2003 22:01:57 -0400 |
David,
Excellent! Auth-sharing between unrelated web sites is something that
MACS can't do yet. It's trickier than it sounds, so I'm immensely
grateful that you've licked it. Other things that I'll want MACS to do
includes workflow and audit trail analysis. These are under
construction using existing GPL'd projects. My point: it's *so* nice
to develop in a Free Software model. Gives MACS an enormous advantage
over the predominantly proprietary competition.
On Thursday, July 31, 2003, at 06:03 PM, david nicol wrote:
http://www.tipjar.com/nettoys/pink/pinkframe.html
Gives "Internal Server Error" =(
I recognize an AIS server that uses MACS for the underlying
authentication as an item on my "I wish I had someone to delegate
this to because I don't appear to have the time to do it myself"
category.
If AIS is Free, it sounds like something that goes hand in hand with
what MACS is all about. I might like to work with you to integrate the
two in the near future. Or given the fact that you've put this in the
"delegate" bucket, I might like to do it myself. But I'm racing the
clock, getting the next release of MACS ready by Monday. I'll take a
look at it after Linux World next week. In any case, it's probably
easier to change AIS to use MACS than you think...
I have felt waves of animosity coming from the AUTH list as I have
suggested using AIS instead of other things
Hmm. I'm sorry if I helped you form that impression! I don't remember
ever hearing about AIS, though back in the day when we were running a
"horse race" for DotGNU's auth, it might have come up and I just don't
remember. Either way, I personally love it when there's competition in
Free Software, especially if it involves one of my projects. You
usually start by stealing code from each other and you often end up
becoming a single, much better project, one way or another. And
because it's Free, whichever project "wins" is as much mine as the
authors'.
AIS is for sharing an authentication context accross web site
domains, AND NOTHING MORE.
This goes hand in hand with what MACS does. In the past months I've
learned that there's an emerging new industry for what MACS does,
called "Identity and Access Management." An overview would take up
serious space, but let me point you to http://www.digitalidworld.com/
and http://www.medleysoft.com/ (The medleysoft.com site will be
launched in the next few days.)
MACS appears to be a replacement for the password functions of
NIS or LDAP or what-have-you.
You might add "AND MUCH MORE" to that. ;-) As I said, I'm on a
ridiculously tight schedule at the moment. Let me revisit this when I
get back from San Francisco. I'll look at AIS more closely and suggest
a MACS-ing path. I fully expect that AIS can fill one of several
functionality holes in MACS that I'll want to address for the next
point release.
Cheers!
mds