Hi guys,
Thanks for all the replies. The picture is clearing up quite a bit, but I think I owe you a more detailed picture of my dilemma:
I'm working on our company's intranet and it's quite obvious that it's shaping up to be a portal, something with discussion boards, Web mail (coming soon), plus enterprise apps like retrieval of branch reports (because I work in a bank and branches need a daily extract of reports from our CA/SA), and even a data entry site for a raffle promo our bank is holding. Then add in the admin sides for all of those and it'll be quite messy. In short, it's a smorgasbord of disparate apps with users' rights and privileges of access overlapping in between. And sometimes it's not just a single user, but a group of users with one level of rights (say, tellers of branch A).
It's a typical scenario, right?
Now the users' authorization (username/password) is done against the database. So it means that every user has a username/password pair for every app! Sheesh, certainly making a single, bloated table where all the usernames/passwords/rights are stored is out of the question.
Before it all implodes, I'm thinking of doing it primarily with LDAP, then perhaps blending in some standard security mechanisms like certificates or JAAS.
I need your help in determining the best combination. In another light, what would be the best design pattern? Currently it's done with Struts.
Again thanks for all your opinions! Ex Animo Java!
-- Val