Comments on: Authentication: the first victim of the dev-ops divide http://www.build-doctor.com/2009/12/01/authentication-the-first-victim-of-the-dev-ops-divide/ Helping to deliver working software, one continuous integration build at a time Wed, 21 Jul 2010 04:50:11 +0100 http://wordpress.org/?v=2.8.4 hourly 1 By: Banos http://www.build-doctor.com/2009/12/01/authentication-the-first-victim-of-the-dev-ops-divide/comment-page-1/#comment-607 Banos Thu, 03 Dec 2009 14:06:21 +0000 http://www.build-doctor.com/?p=1085#comment-607 Makes me feel advanced. A couple of years ago I helped implement a Chordiant/J2EE/WebSphere6.1/AIX solution using Kerberos to Authenticate/Authorise against a Windows 2003 AD domain using SSO in a retail bank. If it's achievable there, believe me, it's achieveable anywhere :) Windows has been doing Kerberos since 2000, whats your excuse? Makes me feel advanced. A couple of years ago I helped implement a Chordiant/J2EE/WebSphere6.1/AIX solution using Kerberos to Authenticate/Authorise against a Windows 2003 AD domain using SSO in a retail bank. If it’s achievable there, believe me, it’s achieveable anywhere :) Windows has been doing Kerberos since 2000, whats your excuse?

]]> By: bryanl http://www.build-doctor.com/2009/12/01/authentication-the-first-victim-of-the-dev-ops-divide/comment-page-1/#comment-594 bryanl Wed, 02 Dec 2009 13:41:12 +0000 http://www.build-doctor.com/?p=1085#comment-594 It shouldn't matter what the backend for for AAA system is. You *should* have a good enough API in your app where you can switch systems if need be. Every system wil be different, and even the same systems in different environments will be different, so lets not just proclaim one as the *best*. It shouldn’t matter what the backend for for AAA system is. You *should* have a good enough API in your app where you can switch systems if need be. Every system wil be different, and even the same systems in different environments will be different, so lets not just proclaim one as the *best*.

]]> By: John Arundel http://www.build-doctor.com/2009/12/01/authentication-the-first-victim-of-the-dev-ops-divide/comment-page-1/#comment-586 John Arundel Tue, 01 Dec 2009 20:20:08 +0000 http://www.build-doctor.com/?p=1085#comment-586 When I worked for ACME Enterprise Hosting Co, they had Kerberos everywhere which worked quite well, combined with RSA two-factor authentication. However, when you're writing systems integration glue code and Puppet manifests and so on, it seems inevitable that you're going to have to store passwords somewhere, because lots of applications and bespoke scripts don't support directory services. I wonder what the best practice for dealing with such things is. When I worked for ACME Enterprise Hosting Co, they had Kerberos everywhere which worked quite well, combined with RSA two-factor authentication.

However, when you’re writing systems integration glue code and Puppet manifests and so on, it seems inevitable that you’re going to have to store passwords somewhere, because lots of applications and bespoke scripts don’t support directory services. I wonder what the best practice for dealing with such things is.

]]>