Re: JAVA Support

I cc'ed Tom Lockhart because he *used* to be core, and I know where
he works. No response expected.

On Sep 28, 2006, at 2:11 PM, Magnus Hagander wrote:

>> f) SASL support is available in current Java as well as C.
>> SASL libraries are included (or at least loadable) on MacOS,
>> Solaris 10+, and Linux. (I don't do windows, so I can't say
>> there.) While it has a reputation for complexity, that
>> complexity is in building the libraries, not in using them.
>>
>> It can be used to provide most (all?) of the functionality
>> now provided by the assortment of existing mechanisms.
>
> Well, it's still a complexity you need to deal with. Plus, just
> Java and
> C is far from enough, if you are intending to suggest we replace
> some of
> what we have now with it (like passwords and other such things). For
> example, you need things like perl, python, ruby, C#, etc etc. not
> sure
> how many of those would be fine with a C wrapper, I know for a fact
> that
> C# (or other .net languages) wouldn't, they need it natively.

OK, point taken. OTOH how many of those have GSSAPI support? I
don't know, but I'd guess that only going as far as GSSAPI gets you
C# (and .net), and Java of course. Perl probably isn't a big deal
just using glue for either SASL or GSSAPI. Python and Ruby I don't
know.

> There also used to be some bad portability issues wrt at least some of
> the SASL libraries (if there is more than one).

There's more than one, since the Java one is different from Cyrus.
I've seen references to others, but I think they qualify as
"obscure". The Sun one is related to Cyrus.

> I know I tried to make
> it work on win32 once and failed miserably. (Then again, I've
> failed on
> Linux as well, but not quite as bad. And it's not included in all
> Linux
> distributions, at least it wasn't when I checked a while back)

Well, I know Redhat has RPM's that look reasonable. I'm not a big
Linux user myself. (More a BSD bigot, to be honest.)

> And finally, there's backwards compatibility. We're still going to
> have
> to support all the existing ones for the forseeable future unless you
> want to prevent all older clients from connecting (hint: you don't).

No question. Just a thought for the future.

------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry(dot)B(dot)Hotz(at)jpl(dot)nasa(dot)gov, or hbhotz(at)oxy(dot)edu