OT: Looking for a reliable 3rd party AD Provider
Andrew Cowie
andrew-2KHxOkysSnqmy7d5DmSz6TlRY1/6cnIP at public.gmane.org
Sat Mar 31 08:52:06 UTC 2007
On Fri, 30 Mar 2007, Lennart Sorensen wrote:
> > But 3rd party? Who would be insane enough to outsource your system's
> > authentication? What if your internet connection goes down?
and
On Sat, 2007-03-31 at 00:45 -0400, Robert Brockway wrote:
> I would have to fully agree with Lennart - don't try to authenticate your
> boxes with an offsite authentication system.
Actually, this is one of the services that SalesForce provides (although
in the context of customer relationship management).
We have a client who uses it as the single-sign-on mechanism for all
their [public!] web access granting. Yup, that means that this firm's
entire internet presence relies on the outsourced authentication
provided by salesforce.com.
Insane.
Mind you, other than the conceptual problem, they have a good reputation
for making people happy, so {shrug}. And single-sign-on has been the
holy grail for many a company, so it's clear why they have a good
business for actually providing APIs to achieve it. I just don't happen
to think it's trustworthy from a technical, operations, privacy, or
security standpoint to delegate authentication in this manner - and that
makes it a massive hole from a fiduciary responsibility standpoint; I
wouldn't want to be a Director of a company doing this.
AfC
Sydney
--
Andrew Frederick Cowie
Operational Dynamics Consulting Group
http://www.operationaldynamics.com/
Management Consultants specializing in strategy,
organizational architecture, procedures to survive
change, and performance hardening for the people
and systems behind the mission critical enterprise.
Worldwide:
Sydney +61 2 9977 6866
New York +1 646 472 5054
Toronto +1 647 477 5603
London +44 207 1019201
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://gtalug.org/pipermail/legacy/attachments/20070331/8efc903e/attachment.sig>
More information about the Legacy
mailing list