I’ve been meaning to get back to this topic for quite some time. Before moving onto other Standards topics, I want to try and conclude this thread on SAML. James and I traded responses about authentication and SAML, and I applaud James for taking time to look into the capabilities of the DFC to respond to my previous post. James did get several details of the DFC incorrect, but not regarding any points important to this discussion.
I ran into a problem the other day and I thought I would share the solution. I have encountered it before elsewhere, and that means others have encountered it before as well. Before I dive into the problem, I just want to say something to James. When Bex wrote about ECM systems storing Content, not Users, he presents a powerful and logical argument. Outside of the lab, I’ve had several clients where the network wasn’t ideal, and we were more than happy to store a copy of the user information inside of Documentum, only talking LDAP for authentication. I know the solution should be to fix the network, but sometimes that isn’t entirely possible. That is another story.
[REVISED 2007-8-03 (I hate this network)]
Been a busy week on the ECM standards front. There has been a lot of discussions going around. I’ve been silent on the topic as I’ve been focusing on learning more about SAML and XACML so that I can respond to James’ question. Plus, the dialogs are going great and I haven’t needed to keep them going.
I am not ready to give James an answer on XACML, yet. I feel I am ready to start a dialog on SAML though.
Reaction to my previous two posts revealed two simple things about the Universe. Enterprise Architects want/need ECM standards now. Enterprise Content Management people don’t think that the ECM world is ready for them. They are both right, so let the fighting begin.
Brian “Bex” Huff wrote about the lack of useful ECM standards and how writing a standard to the lowest common denominator would leave it all but useless. He raises some excellent points, but I think there is an important thing here. If an ECM system doesn’t support a minimal level of functionality, is it really Enterprise worthy? If it isn’t ready for the Enterprise, do we care if it can’t integrate with everything else? I’m thinking No on both counts.