How come open source applications that are targeted at enterprises don't have these security features?


Question

  1. It would seem to me that many large enterprises already have robust directory services such as Active Directory and it would be silly to constantly duplicate users in an application-specific store.

Even if you require duplicating the user store, you can provide a mechanism to authenticate against Active Directory. Alternatively, you could support a standards-based SSO mechanism that leverages SAML.

Support for the XACML protocol. Duplicating information on roles and entitlements is equally insidious.

Support for the SPML protocol. Many enterprises leverage identity management toolkits and would at least like out-of-the-box integration in terms of centralized management and provisioning.

So, why aren't open source projects considering this type of functionality as a default to getting on the radar within an enterprise context?

Recommended answer

Lots of reasons, but one of the biggest is that there's less convergence on what the right or best methods really are than you seem to believe.

  • Active Directory, for example, is kind of notorious for presenting implementation difficulties to non-Microsoft developers.

There are probably a half dozen competing single-sign-on "standards".

It's very difficult to reconcile different roles/privileges models -- hell, Sun has trouble reconciling the models of Solaris Trusted Extensions with the Java model.

Solving those problems isn't a lot of "fun" and so FOSS developers are attracted to other issues.
