You bring up some interesting points - Tell me if I'm wrong with this scenario:
Napster uses eDirectory for user authentication and access priviledges. I register with them and they create an account for me (called it PJNapster). They use this user object to grant me priviledges within their system. (perhaps they can use it for accessing music or managing certificates too!)
I have a Personal Directory installed on my PC at home and created a "myDirectory" that stores my personal data. The user I created there was PJStrifas. I populate PJStrifas with personal information (name, address, phone, etc). When I access my PC, Personal Directory is started and I log into it using my user name and the password I chose.
When I want to access my Napster information - I use client software (in this example, Novell Client) to log into their Directory. To do this, I "tell" Personal Directory that I'm logging into a remote Directory and it asks for my crendentials to do so for me (username & password).
After successful log in, Personal Directory caches ALL information associated with my user object in Napster's Tree locally. So when I look at my Personal Directory, I would see user entries for PJStrifas and PJNapster (simplified explaination). I can then choose to synchronize information between PJStrifas and PJNapster. I literally pick and choose what information I will share with Napster (ie, address, phone number, etc).
At a predefined interval, my Personal Directory will synchronize the cached information of my Napster user (PJNapster) back to the Napster Tree. So in the end, the information contained in the properties of my Napster user object are "filled" by the sync process with my Personal Directory. I control what information Napster has based on the fact that I fill out the properties of my user object in their tree!
Now, extending the Directory to store information beyond the basic user is going to be an interesting development. Napster would need to extend the schema (rules defining objects) to hold whatever information it deems necessary. In doing so, my local schema would ALSO need to be extended to be able to identify the extensions otherwise I could not manage them correctly.
I hope this helps...
Regards,
Peter J Strifas
PS - this same process can be done via LDAP as well. I haven't tested that part out yet... |
