[Esapi-dev] List of potential authentication adapters to perhaps consider at some point

Boberski, Michael [USA] boberski_michael at bah.com
Fri Jan 15 14:18:51 EST 2010


Hi,

I've mentioned what I think is a need to add an LDAP auth module to the reference implementation in recent emails.

Here is what I mean in more detail. Here is a first draft of a list of reference authentication modules that I think might be worth considering building out in the future:


 *   LDAP directories
 *   X.509v3 digital certificates (perhaps even PKI vendor-specific versions)
 *   Windows Domain Authentication (NTLM and Kerberos)
 *   Tokens (e.g. RSA SecurID)

I would like to see e.g. Entrust and RSA people on this list and get them contributing to the authentication reference module codebase. I'm not sure they know they could contribute in this way, though, given I don't know if anyone's asked, basically.

Adding reference implementations for security-related controls that are most commonly used today (authentication, encryption/signatures, and logging (related but different example: why not a syslog reference implementation)) gets ESAPI's foot in the door, making the rest of the controls available for subsequent use. Similar to how the WAF is now packaged with the rest of ESAPI, use of one gets the other in the door, when then someone can point out.

Best,

Mike B.
