D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] OT: Wiki+CMS hybrid...

 

On Saturday 27 January 2007 11:52, Kai Hendry wrote:
> LDAP is an over rated, overly complex piece of software IMO.
>
> In my experience using a mysql table for your users is fine.
Until you find you actually need the complexity that LDAP can offer.
Its a bit like most things in computing - you start doing it the easy way and 
then you find later on that you have to move to the more complicated way but  
its too late...
Wot you need is to start with LDAP in a simple way which isn't easy - it needs 
a front end that can set up the simple scenarios. I did write one many moons 
ago but it wasn't mine to keep  - and I never did find out if it would extend 
to other more complicated scenarios.
> Getting any CMS to authenticate to mysql is usually straight forward.
> Unlike LDAP.
LDAP has a well defined api and its not too hard to communicate with:
Can user A do this?
Wot can user A do..
What users can do this ... are (were) relatively easy to implement.
> Keep it simple,
NO! MAKE it simple but make sure its FULLY extendible.
In an ideal world everyone would start with a full blown ERP system thats got 
a 'simple' configuration. But we don't, we start off with simple this and 
simple that and then have to pay massive amounts to convert 10,000 excel 
files and 'simple databases' into something coherent. Which is often 
logistically impossible.
Programming is like building - the stronger the foundations the higher you can 
build.
Microsoft have flogged that idea that computing is simple for years and that 
never works: when it boils down to it you cant manage n parameters with n-1 
controls. 
A CMS without enterprise level access controls will never become an enterprise 
level CMS. A CMS which can utilise an enterprise level access control at 
least has a chance of becoming one. A CMS that can utilise a simple access 
control system that can then be upgraded (the access control that is) to a 
more complicated level as necessary stands a much better chance of being used 
on a personal level and an enterprise level.
Now it that access control can be across all your other computer resources as 
well... 
LDAP has a steep learning curve but it is not beyond the wit of an average 
programmer to hide the potential complexity behind a front end and allow 
simple peer control, while not precluding a full blown system. 
Try writing one of those in sql - you'll be reinventing LDAP in the long run, 
and the faults they put into LDAP on the way.
Unix (hence Linux) started with the philosophy of each program should do one 
thing and do it well. Have a look at PAMs. You don't get those in Windows 
(hoch spit) but if you go to LDAP theres practically nothing you cant use it 
in - well maybe an Amstrad PCW.


Tom te tom te tom


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html