Child pages
  • Bedework Project Survey

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Respondent

Gary Schwartz

Goal/Problem Space

Bedework is an open-source, Java-based, standards-compliant, enterprise calendar system designed to primarily serve higher education. Bedework has a centralized server architecture and web-based clients, and can be accessed from CalDAV clients such as Apple's ical and iPhone, Mozilla's Lightning, and the ZideOne plug-in for Outlook.

Features

The main Bedework components include public calendar suites & data feeds, web-based clients for administration, event submission, and personal calendaring, and servers for CalDAV, CardDAV, and Timezones.

Anthropomorphically speaking, Bedework strives to be the leading Java-based, interoperable calendaring system in higher ed, and looks to transform itself, hopefully without any human intervention whatsoever,  into an events-driven, SOA/WS system, providing the infrastructure for "calendaring as a platform" - the "World Wide Calendar".

Technology Stack

Java, Struts, Hibernate, Ehcache, iCal4j, Lucene, jQuery, Xalan-Java, Apache Commons.

Bedework is implemented as fully standard (JSR 154) collection of servlets, and as such relies on the container for authentication.

Identity Services

Managed Information

Consume?

Produce?

Broker/Convey?

Privileges

 

X

 

Roles

 

 

 

Groups

X

 

 

Attributes

X

 

 

Identification

X

 

 

Defined Interfaces

Consume?

Produce?

Broker/Convey?

Authentication

X

 

 

Attributes

X

 

 

Permissions

 

X

 

Provisioning

 

 

 

Authorization

 

X

 

Subjects

 

 

 

Other

Consume?

Produce?

Broker/Convey?

Standards and Interfaces

Bedework implements interfaces which provide basic LDAP support to obtain principal group information and principal attributes.

Shibbolized instances of Bedework have been deployed, but there are compatibility issues with CalDAV and Shibboleth.

Issues and Challenges

Authorization within the Bedework services is based on DAV access control using ACLs. This is proving to be complex for users, and inadequate in that the assignment of roles to a principal needs to affect multiple services, e.g. CalDAV and CardDAV.

Shibboleth implements the Web Browser Single-Sign On profile of SAML, which requires a full web-browser to run. Virtually no *-DAV clients are full web browsers. We need something else to base federated identity authorization for *-DAV (CalDAV, CardDAV, WebDAV, etc).

More Information

http://bedework.org