[JDEV] Module API
Donn Cave
donn at u.washington.edu
Tue May 16 12:04:47 CDT 2000
Quoth Benjamin Kahn <xkahn at cybersites.com>:
| I have a PAM patch which authenticates any PAM module. That
| includes LDAP, of course. The patch should be available within the
| day. I haven't written an xdb to store user attributes for it... PAM is
| strictly authentication. That means that user data is stored in the file
| system still. However, everything is usable. I'm using it now. An LDAP
| xdb would be a nice thing...
It would? I think I can see how network storage would be nice thing,
in a situation where the service needs more than one host to handle load.
NFS doesn't sound very good, although I guess it could be made to work
if the name space were un-flattened (10s of thousands of entries in one
directory is not the good life.) But, with all LDAP's features, most of
them seem to me like more of a liability here than an advantage, so I'm
puzzled.
I was thinking the storage access model here is the very simplest
possible. Each item is retrieved by exactly one user name. The data
is just bytes, it's up to the service to sort out the XML. Only the
service daemons need access to the data. Is it a bigger job than this?
Is LDAP attractive because it's an existing network storage solution,
or for features like fast wild-card attribute lookup and hierarchical
structure?
Donn Cave, donn at u.washington.edu
More information about the JDev
mailing list