back to the *point* WAS: Re: [thesite] UEUE v.0.2 Update

.jeff jeff at members.evolt.org
Thu Nov 8 10:25:04 CST 2001 

dan,

><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
> From: Daniel J. Cody
>
> this is just me an limited understanding of j2ee and
> .net, but wouldn't we need to have these technologies
> in place to use them?
><><><><><><><><><><><><><><><><><><><><><><><><><><><><><

nope, not at all.

what we're talking about here is a very basic cross-site authentication
model where the user store is disconnected for security reasons.

><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
> if i'm wrong, ok, but one more thought :) the purpose of
> what we're trying to do here is to make it language
> agnostic. if we have a subsite in jsp, it can talk to
> our user DB. same with asp, cf, php, perl, python,
> whatever - we don't need to rely on any one language to
> develop evolt sites while assuring they're able to hook
> into the 'collective' :)
><><><><><><><><><><><><><><><><><><><><><><><><><><><><><

that's the beauty of what i'm talking about.  the language of each subsite
isn't an issue as long as the subsite can 1) open a server-to-server line of
communication between itself and ueue and 2) parse/create an xml packet.

this approach would also allow us to maintain a unified session across
subsites.  as a user creates session information it would be up to the
subsite to create an xml packet with each piece of session information and
pass that packet to ueue for storage.  if the user goes off to another
subsite, that subsite would then try to authenticate the user with ueue and
would get either a "fail" or an xml packet containing user information as
well as that user's session information, if it existed.  the beauty here is
that it'd be up to the subsites to do this reporting of session information
and decide what they want to do with session information created at another
subsite that had been reported to ueue.  if there was sensitive information
pertinent only to a subsite they could choose to not pass that along to ueue
for the global session.  obviously to make this work we'd need to come up
with a defined format for storing and reporting this session information to
make it easy for the subsites to use it.

thanks,

.jeff

http://evolt.org/
jeff at members.evolt.org
http://members.evolt.org/jeff/

More information about the thesite mailing list