CraigMcMurtry writes Application Security, Part 1, 2 and 3. In the posts he explains, among other things, but mostly why developers need to store user data in the global directory service of the enterprise rather than an application's database. This is something I hear both sides of. I have had long discussions with a very experienced and passionate directory architect (more info) who often tells me the same thing; and as a developer, and avid reader of developer publications and blogs, I know developers tend to see relational databases as the solution for all data storage needs, even when not appropriate (XML is gaining ground, more on that some other time). Craig says they're our crack cocaine.
He's probably right. Since relational databases are so useful, powerful and easy for us programmers to use and understand, we often use them without first considering potentially more appropriate alternatives. Craig's posts explain some of the considerations for using LDAP based directories such as Active Directory, and eDirectory.
Some links developers might find useful related to LDAP (I'm sure I missed many other great ones):
posted @ Thursday, March 04, 2004 12:07 AM