[JDEV] Distributed Authentication - thoughts people?
adamtheo at theoretic.com
Thu Sep 27 19:58:25 CDT 2001
Michael Hearn wrote:
> - Optionally abstract this system so Jabber is not a necessary component for the authentication.
> However, like I've said before, we should recognise that this is bigger
> than Jabber. If we define a protocol, it should be sufficiently
> abstracted to allow bindings to other protocols as well, therefore
> allowing interoperability.
hm... my first reaction is "jabber can do it, i'm sure, and do it better
than anything else, so to hell with porting to other platforms". then i
caught myself and realized that you do have a point with
interoperability. so i'm going to propose a comprimise between my old
and your ways: we treat auth in jabber like we treat IM. that is, jabber
has it's own protocol that works best for it, but then also has
'transports' to other auth systems (like liberty alliance's, passport
federation, and dotgnu's when/if they get it done). this way jabber
keeps the power of having it's own custom system, but interoperates with
ease to others... i think this is the best approach.
More information about the JDev