Monday, May 12, 2008
So how do I handle this question when I get it from customers ?
First, I need to understand whether they want to control Authentication (who can log in) or Authorization (once logged in, who can do what). So far, it's a 50-50 mix. So, the good news is that Lotus Connections v2 adds support to specify which LDAP users or LDAP groups can log on to the application! Yay!!
For authorization, only Communities has very granular controls where you can specify who can do what. And in some cases that's all the customers want to control (who can create and join communities). And for those who do want granular controls on the other 4 Connections services ?
I position a companion product for Lotus Connections: IBM Tivoli Access Manager (TAM) for e-business. Since all of the Lotus Connections URLs are RESTful it should be pretty easy to configure WebSEAL/TAM to control who has access to which URLs.