[thesite] My Intro and a look at a UEUE Proposal

Joshua Olson joshua at alphashop.com
Tue Oct 16 11:44:34 CDT 2001


----- Original Message -----
From: "Daniel J. Cody" <djc at starkmedia.com>
Subject: Re: [thesite] My Intro and a look at a UEUE Proposal


: the distributed DB model really stunts the ability of evolt to scale..
: if someone wants to do a kickass project for evolt(like Simon did with
: d.e.o) without making it a pain in the ass on users, they have to get
: our user records somehow. also, replication of the entire DB is a
: serious bitch. :)

I'm not quite sure I made my idea completely clear.

Let's say there was a goal to have one central repository for authentication
and user attributes AND still allow the other sites to be developed in
whatever language and platform they desire (and on whatever server they
desire).

This can be done with some careful communication models.

Take this scenario as an example.

User visits a site and does not have the universal ticket to play as
outlined by Mark.  The site queries the respository via HTTP* using the user
supplied username and password and the following information is returned
directly to the site via XML or whatever:

- Site specific user information (name, occupation, hair color)
- All information for the ticket as outlined by Mark - a hash string, the
username, etc.

The site them has the obligation to set the cookies for the ticket based on
the server response and can then set whatever internal session variables it
needs as well.

If the site wishes to update information about a user, it submits the users
ticket with any changes to the db using a standard form submit to the
repository and it updates the records.

When the user goes to a different site on the network, the ticket is checked
for validity like always.  If the site stores stuff in sessions it requeries
the repository with the ticket and grabs site specific user attributes.
Parses the XML response and goes on its merry way.

I'm fairly certain this system could work.  Even though it seems fairly
complex, it is greatly simplified by the fact that the repository is a
genuin black box.

-joshua

* When I say queries the repository via HTTP I mean it makes its own call in
the processing of a page.  In CF, this would be done via the <CFHTTP> tag.





More information about the thesite mailing list