user model & authentication service

[Epoch]

Hi,

I need the last few chapters :-) In the meantime can someone please
point me to the right direction.

Since every service will need to talk to a user model/database at some
point, it make sense to build the user management database as a
standalone service which also handles the authentication and the user
model for all other services. The thing I can't wrap my head around is
how everything fits together in the big picture. Is there technologies
out there already I should look into? Eg. OAuth or OpenID

cheers,
Daniel

[Paul Dix]

one method is to have all service requests come into one place where
the user can be authenticated. Once authentication has taken place you
forward the request along to the appropriate service.

The bigger question is authorization. Is this user allowed to
view/update/delete the resource they're hitting. How to do that
depends greatly on what the security model for the service looks like.
You could also have the same central service perform the authorization
check. The advantage of having it in this central place is that the
user credentials and authorizations can be cached in a single place.

I'd advocate for basic data and business logic services that they not
have to call out to a user service for every request. That will put a
huge load on that service and slow things down. Although, if that
service is fast enough I suppose it wouldn't be that big of a deal.

Hope that helps,
Paul

> --
> You received this message because you are subscribed to the Google Groups "Service Oriented Design With Ruby" group.
> To post to this group, send email to service-oriented...@googlegroups.com.
> To unsubscribe from this group, send email to service-oriented-desig...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/service-oriented-design-with-ruby?hl=en.
>
>