ossp-pkg/sorp/BRAINSTORM.txt
1.1
OSSP sorp BRAINSTORMING
=======================
Currently:
- PESP: Apache+mod_rewrite+MySQL+mod_proxy
- IT Intranet: Apache+mod_rewrite+mod_proxy
- IS Intranet: Apache+mod_php+MySQL
Purposes:
- HTTPS to HTTP gateway
- HTTPS sticky pass-through
- user single-sign on & sticky authentication (user-id|client-cert -> session id)
- remote session tracking (session id -> user id + information)
- load balancing over multiple backend servers
- backend response caching
Possibilities:
- Apache+mod_rewrite+mod_proxy+?
- Pound: http://www.apsis.ch/pound/
- Squid?
- Apache mod_proxy_add_forward: http://develooper.com/code/mpaf/
Apache mod_rpad: http://stderr.net/apache/rpaf/
- Stunnel
- Symbion SSL Proxy: http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/sslproxy/
Libraries:
- libcurl
- pth
- sa
- cfg
Prerequisites:
- polling abstraction library (kqueue, poll, select, /dev/poll, etc) for Pth and stand-alone
- SSL support for OSSP sa
Applications:
- NMIT PESP web portal frontend server
- IT Operations Intranet frontend server
- IS Operations North Europe Intranet frontend server
- MOF
- ChangeLog
- Team.xmldb
- ChangeLog
Tables
======
Session
-------
session_id /* unique session id */
session_expire /* expire time of session */
session_scope /* scope/grade/level of session (login, visit, etc.) */
account_id /* unique account id (attached user account) */
Account
-------
account_id /* unique account id */
account_pw /* password of account */
account_name /* realname of account holder */
account_location /* realname of account holder */
...
groups...
