Monday, February 09, 2009
Innovation in LDAP
I wonder if Ludovic Poitou believes that LDAP servers should support the XACML protocol or should they continue to only support LDAP-specific ways of providing ACIs?
Bavo De Ridder does mention that so-called referential integrity is not integrity which I agree with. Operations done in a post-operation plug-in can cause semantic integrity challenges. In all reality, referential integrity needs to be combined with transactional support as you need to prevent bad reads. Ever heard of ACID?
One recent innovation comes from Unbound ID which acknowledges that LDAP sucks not from a server perspective but because the right APIs for applications don't exist. Simply put, JNDI is fugly. You would think that Sun out of all companies would be working to come up with something for Java a lot better.
The features that seem beneficial include connection pooling. Isn't it kinda dumb that we are still custom coding connection pools in the world of J2EE application servers? How come Oracle/BEA, Glassfish haven't made this go away. It also seems like they thought a lot about security. Of course, this begs the question of whether LDAP servers should support SAML as an authentication scheme.
I am curious how others think basic operations such as sorting should work in the world of LDAP?
Links to this post: