Identity Management Tips, Thoughts and Opinions

Matthew Pollicove

Subscribe to Matthew Pollicove : eMailAlertsEmail Alerts
Get Matthew Pollicove via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

Why are feeds bad?

I was recently asked to take a look at an architecture in use by a client. As I started the analysis, Inoticed that there was a high reliance on Web Services for communicating databetween systems. Now Web Services are not necessarily a bad thing, but when Ilooked at the back end systems that were involved, it seemed ratherunnecessary. There was no overwhelming requirement for security and there weresimpler, but still effective means to move the data. Adding in a Web Servicescomponent introduced extra hardware, software and network hops that in my analysisprovided inefficient service and an unneeded, overly complicated architecture.

When moving data between systems, there is nothing wrongwith using temporary ASCII files or SQL Tables.  SQL Tables areparticularly useful since they can be optimized for read/write operations andcan have some extra security placed on them. Also most IdM systems allow forencrypting data to provide an extra layer of security. Sometimes, these systemsare the easiest means of communicating between disparate systems.  Let’sface it, how many mainframe or AS/400 systems have native SPML support?
For instances where there is a native LDAP interface, don’tbe afraid to use it, NetWeaver IDM is excellent at both reading and writing toany LDAP v3 compliant system. Heck, any User Provisioning system worth its saltneeds this anyway.

So as a final word to those considering how to connectwidely (or even not so widely) disparate systems, think again to the basics anddecide if the use case, the customer, and the technology really require WebServices and could not be better served by the big three: ASCII, SQL and LDAP.

Read the original blog entry...

More Stories By Matthew Pollicove

Matt Pollicove is an Identity Management architect, engineer, trainer, project manager, author and blogger with experience in user account provisioning, data synchronization, virtual directory and password management solutions. As a MaXware Technical Consultant and later as a System Engineer, he worked extensively with MaXware (now SAP) software products in large customer environments. In the past Matt has worked with several leading national and international consulting firms and is currently a Sr. Principal Consultant for Commercium Technologies. He is currently the Practice Lead for SAP NetWeaver Identity Management and SailPoint IIQ.