[alf-dev] Re: Requirements for ALF SSON

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[alf-dev] Re: Requirements for ALF SSON

From: "Kelly Shaw" <kshaw@xxxxxxxxxx>
Date: Sat, 10 Sep 2005 11:01:13 -0600
List-archive: <http://eclipse.org/pipermail/alf-dev>
List-help: <mailto:alf-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/alf-dev>, <mailto:alf-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/alf-dev>, <mailto:alf-dev-request@eclipse.org?subject=unsubscribe>
Newsgroups: eclipse.technology.alf
Organization: Serena Software

We received the following note on this subject on the mailing list alf-dev.
I'm posting it here so we can maintain some sort of thread on this
subject. - kas


From: Mike Milinkovich [mailto:mike.milinkovich@xxxxxxxxxxx]

Sent: Friday, September 09, 2005 4:05 PM

To: alf-dev@xxxxxxxxxxx

Subject: [alf-dev] Re: SSO Discussion continued



If you folks are talking about SSO, security and identity why are you not
talking to the Eclipse trust project? This post is intended to introduce the
ALF team to the Higgins team in the hope that some re-use can occur across
the two projects.

/mike







"John Streiff" <john.streiff@xxxxxxxxxxxxxxxxxx> wrote in message
news:dfsecs$sil$1@xxxxxxxxxxxxxxxx...
> For Secure Software, Inc. I generally agree with the statement. The key as
> has been mentioned, is keeping the bar for entry low enough to attract
> participants, while at the same time enabling them to use ALF to add value
> to their products for vendors and integrate disparate tools more easily
for
> customers.
>
> SSI is currently researching the Liberty project as a stable
authentication
> and authorization based solution that may be worthy of recommendation to
> Eclipse as a separate sub-project. I do believe that ALF should remain
> focused on the core value: providing tool interoperability at low risk and
> low cost to all.
>
> More information can be found on Project Liberty at www.projectliberty.org
>
> Security management and all that goes with it are important, should be
> required in some way to achieve some level of full compliance perhaps, but
> must not be required to play in the ALF sandbox in my opinion.
>
> "Kelly Shaw" <kshaw@xxxxxxxxxx> wrote in message
> news:devkp6$g0k$1@xxxxxxxxxxxxxxxx...
> > In our requirements meeting last week we decided that *requiring* an
> > identity server such as LDAP was beyond the scope of ALF. It sets the
> > entry
> > bar too high for many products and may slow ALF adoption across the
> > industry.
> >
> > We did say we would provide a Service Provider Interface where an
identity
> > server could be added to ALF. While I like this approach, I think our
> > example implementation should probably include something like JOSSO or
> > some
> > other identity manager.
> >
> > Do I hear agreement or disagreement to this approach?
> >
> >
>
>

Follow-Ups:
- [alf-dev] Re: Requirements for ALF SSON
  - From: Kelly Shaw

References:
- [alf-dev] Requirements for ALF SSON
  - From: Kelly Shaw
- [alf-dev] Re: Requirements for ALF SSON
  - From: John Streiff

Prev by Date: RE: [alf-dev] ALF in perspective
Next by Date: [alf-dev] Re: Requirements for ALF SSON
Previous by thread: [alf-dev] Re: Requirements for ALF SSON
Next by thread: [alf-dev] Re: Requirements for ALF SSON
Index(es):
- Date
- Thread

Breadcrumbs