The two things I'm interested in using JNDI for are:
- Location of things in a distributed environment; a typical LDAP role (read VERY frequently - on average approx once for every single game-action, but altered very infrequently - on average each item changes at most once every 20 minutes, perhaps as frequently as every few minutes in rare situations), but the amount of information stored in the objectclass is near to trivial - this would be PURELY a locator service, NOT a retrieval service, so the LDAP DB would be merely a conveniently richly searchable directory, and not contain any end-data.
- Chucking all authentication (A1) and authorization (A2) off to an LDAP server. Authentication is trivial, but authorization is sufficiently complex to do that it would be convenient not to bother (not to mention quite nice to do LDAP-compatible A1 and A2 as a "feature", although so far only one sales prospect has ever known what LDAP was, so perhaps this would be an "anti feature"). At the moment, we're running a trivial RDBMS for A1, and a decoupled semi-tree-structured RDBMS for A2.
(nb: for A2 we have: users (multiple group membership), user-groups, resources (single group membership), resource-groups, user-group to resource-group ACLs, and then arbitrary extra groupings layered on top in order to keep group-memberships small for the poor human admins.)
And then there's all the hassle of A3 (admin) which we've only got rudimentary standard tools for. Integrating a decent A3 set of tools onto the A2 layer is a current and ongoing challenge, with many different options. Which is why we've standardized on nothing (since different licensees have very different desires and are happy doing their own).
So...I think for the primary use-case we're fine with the lowest-common-denominator of LDAP.
For the other one, I'm not sure what we'd need in terms of LDAP features. I've never done much LDAP auth outside of client-server stuff using the secure layer - but this would be all internal to a cluster, so AFAICS there's no need for any of that.
And JNDI claims to be LDAPv3 compatible anyway. There were a lot of improvements in 1.4.x (including the addition of basic stuff like pooling, and some new services like DNS in the standard JVM distribution).
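
The A2 layout described in the post above (users in several user-groups, each resource in one resource-group, user-group to resource-group ACLs, extra groupings on top), as an added in-memory example that is not part of the original post. All names and sample data are hypothetical, and modelling the extra groupings as parent-group links is an assumption.

```java
import java.util.*;

// Added example: in-memory model of the A2 layout; every name here is hypothetical.
public class A2Check {
    // user -> user-groups (multiple membership)
    static final Map<String, Set<String>> userGroups = new HashMap<>();
    // resource -> its single resource-group
    static final Map<String, String> resourceGroup = new HashMap<>();
    // group -> parent groups (assumed shape of the "extra groupings layered on top")
    static final Map<String, Set<String>> parents = new HashMap<>();
    // user-group -> resource-groups it may access (the ACL)
    static final Map<String, Set<String>> acl = new HashMap<>();

    // Expand groups to include every ancestor; the seen set stops membership cycles.
    static Set<String> expand(Collection<String> start) {
        Set<String> seen = new HashSet<>();
        Deque<String> todo = new ArrayDeque<>(start);
        while (!todo.isEmpty()) {
            String g = todo.pop();
            if (seen.add(g)) todo.addAll(parents.getOrDefault(g, Set.of()));
        }
        return seen;
    }

    // Default deny: an unknown user or resource never matches an ACL entry.
    static boolean allowed(String user, String resource) {
        String rg = resourceGroup.get(resource);
        if (rg == null) return false;
        Set<String> targets = expand(List.of(rg));
        for (String ug : expand(userGroups.getOrDefault(user, Set.of())))
            for (String granted : acl.getOrDefault(ug, Set.of()))
                if (targets.contains(granted)) return true;
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample data
        userGroups.put("alice", Set.of("gm-eu"));
        parents.put("gm-eu", Set.of("game-masters"));
        parents.put("game-masters", Set.of("gm-eu")); // deliberate cycle
        resourceGroup.put("shard-7", "eu-shards");
        parents.put("eu-shards", Set.of("all-shards"));
        acl.put("game-masters", Set.of("all-shards"));
        System.out.println("alice/shard-7:  " + allowed("alice", "shard-7"));
        System.out.println("bob/shard-7:    " + allowed("bob", "shard-7"));
        System.out.println("alice/shard-99: " + allowed("alice", "shard-99"));
    }
}
```

The visited-set walk is what keeps a mis-administered circular grouping from hanging the check, and the early return on an unmapped resource keeps the decision fail-closed.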