Authentication and authorization are important non-functional features of any large-scale project. This is particularly true when the project of interest has interfaces with a multitude of internal applications (within the same organization) and external applications (outside the organization, where federation is required). Time (and industry) has called for good leverage of "common concerns" by detaching them from the many siloed applications/services, so that the shared concern itself can be operated and managed better (high reliability, availability, scalability, and accountability).
While everyone is still figuring out (on paper, on the wire, or in arguments and disagreements over standards) how such common concerns (in this case, authentication and authorization) should be addressed once and for all, it is useful to appreciate the motivations and the directions: let us leave the devil of details to another devil called time. The first step of due diligence is to align the mindset and the objective.
So this is a good read: Enterprise Authorization Strategy
http://msdn2.microsoft.com/en-us/architecture/bb417064.aspx
Everyone knows the big picture is important, but when the big picture is too vague we can easily forget it, and then any implementation lends itself very well to the siloed application model. This has to be repeated over and over.
Posted May 02 2007, 01:31 PM by blackinkbottle