One of the drivers for a unified development
framework is to consolidate identity
and security processes. A common problem within enterprises is the proliferation
of access methods, usernames, and passwords, often resulting in a “lowest
common denominator” situation with security as strong as the weakest
authentication scheme in place.
In this framework, a single point of control
is specified for authentication and
authorisation, upon which all security-aware end-user applications can depend.
This is intended to reduce the number of locations within an architecture where
authentication is defined and coded, and support the use of directory services to
handle identity management across the organisations.
