Mailing Lists: Apple Mailing Lists


Auth questions.



Greetings all,

	I've been reading the list for a few weeks, and think this
question is appropriate here. If not, please keep your attacks personal,
vicious, and off-list.

	This question comes from my work with the IU Digital Music Library
initiative (http://dml.indiana.edu/ for a sparse background).

	I need to deliver streaming content under fairly rigid
authorization and authentication conditions. First, I need to know that
the person requesting the content is who they say they are; after that, I
need to verify if they have rights to the particular media object they are
requesting.

	The approach I've been considering is

	1) Use Kerberos to authenticate users (against either the
university domain or a local server), verifying forwarded tickets when
they hit the Darwin server, and then
	2) Build a custom (Java, probably) server to handle requests for
authorization on a per-stream basis. Darwin would check each (user,object)
pair against that service before granting access.

	This would involve, as far as I can tell,

	1) The addition of Kerberos support to Darwin at some level, and
	2) Replacement of Darwin's current authorization checks
(AccessModule) with something that calls my server for permission; that
server in turn will probably have to hit an LDAP server (or something
similar) to make a decision.

	I have no idea what kind of performance issues I face w.r.t. the
server itself; from WWDC, I recall that what I'm proposing could be Bad
(as in Ghostbusters).

	Input/insights on- or off-list are appreciated greatly. If nothing
else, targeted RTFMs are good, because what I've read so far in docs and
code doesn't get me to the point of understanding fully if I'm going down a
dark, dark path. It's entirely possible I've read the wrong things.

	Thanks,
	Matt
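
An added example, not part of the original post and not Darwin or DML code: a sketch of the per-stream (user, object) authorization check the message describes, with a short-lived decision cache so the directory is not queried on every request, and with backend failures denied rather than granted. Every name here (`StreamAuthorizer`, `EntitlementSource`, the principal and object ids) is hypothetical, the principal is assumed to come from an already verified Kerberos ticket, and the code assumes Java 16 or later.

```java
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical sketch: all names are illustrative, not Darwin or DML code.
public class StreamAuthorizer {
    /** Stand-in for the directory (e.g. LDAP) lookup; may throw on an outage. */
    interface EntitlementSource {
        boolean isEntitled(String principal, String objectId) throws Exception;
    }

    private record Key(String principal, String objectId) {}
    private record Decision(boolean allowed, long expiresAtMillis) {}

    private final EntitlementSource source;
    private final long ttlMillis;
    private final Map<Key, Decision> cache = new ConcurrentHashMap<>();

    StreamAuthorizer(EntitlementSource source, long ttlMillis) {
        this.source = source;
        this.ttlMillis = ttlMillis;
    }

    /** The principal must already be authenticated before this is called. */
    boolean authorize(String principal, String objectId, long nowMillis) {
        Key key = new Key(principal, objectId);
        Decision cached = cache.get(key);
        if (cached != null && cached.expiresAtMillis() > nowMillis) {
            return cached.allowed(); // answered without touching the directory
        }
        try {
            boolean allowed = source.isEntitled(principal, objectId);
            cache.put(key, new Decision(allowed, nowMillis + ttlMillis));
            return allowed;
        } catch (Exception e) {
            return false; // fail closed: an error is never cached and never grants
        }
    }

    public static void main(String[] args) {
        // Constructed sample data: one user entitled to one media object.
        Set<String> grants = Set.of("matt@EXAMPLE.EDU|recording-42");
        int[] lookups = {0};
        StreamAuthorizer authz = new StreamAuthorizer((p, o) -> {
            lookups[0]++;
            return grants.contains(p + "|" + o);
        }, 30_000);
        System.out.println(authz.authorize("matt@EXAMPLE.EDU", "recording-42", 0));
        System.out.println(authz.authorize("matt@EXAMPLE.EDU", "recording-42", 10_000));
        System.out.println(authz.authorize("matt@EXAMPLE.EDU", "recording-99", 10_000));
        System.out.println("backend lookups: " + lookups[0]);
    }
}
```

The cache lifetime is also the longest a revoked right keeps being honoured, so it trades directory load against revocation delay.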





Copyright © 2007 Apple Inc. All rights reserved.