www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <pct...@apache.org>
Subject Re: LDAP and authoritative data
Date Mon, 15 Dec 2008 11:40:53 GMT

Graham Leggett wrote:
> Hi all,
> Up until this point, the authoritative source for ASF data has been 
> various files stored in subversion (members.txt, etc).

asf-authorization, etc

> A key advantage of this method is that we have a full auditable history 
> of what our "state" looks like, and how we got into that state.
> A key disadvantage of this method is that while we have a very strong 
> store of data, this data isn't readily accessible, thus the effort to 
> publish this data in an LDAP server.

That is not the main driver for this. The reason I raised it time and 
again was to provide a single point of management/control for access 

> The introduction of LDAP raises a question:
> Is the intention of the LDAP initiative to become the master and 
> authoritative data store for the ASF, replacing members.txt and friends, 
> or;

For now the only intention is for LDAP to be used for access control, 
not to store 5 jpegs of people, 4 email addresses, and 8 web sites 
affiliated to that person.   :-)

> Is the intention of the LDAP initiative to become a slave and 
> non-authoritative data store for the ASF, populated automatically by 
> changes to the authoritative files (members.txt etc) currently stored in 
> subversion (probably using some kind of scripting).

In the long term, again I only envisage it being used for access 
control, nothing else.  So storing data from members.txt et al, would be 
beyond the scope of what I think we need to achieve at the moment.



Tony Stevenson
tony@pc-tony.com  //  pctony@apache.org

1024D/51047D66 ECAF DC55 C608 5E82 0B5E  3359 C9C7 924E 5104 7D66

View raw message