Not all of these points always apply; these are merely common observations
- run/administered by dedicated admins (not the users)
- integration with lots of other systems
- legal requirements for data storage (e.g. PCI compliance) and traceability
- often distributed over multiple machines (DB/web frontend/worker)
- often runs in locked-down network environments (specific port/IP combinations opened in firewall, everything else forbidden)
- Authentication via LDAP/AD or Kerberos
- Role-based authorization (possibly also from AD)
- Multitenancy
- Audit trails
- Export of usage data / integration with billing
- Resource budgets ("500 emails / month for the free tier")
- Integration with existing CRM
- Options for monitoring
- Customer-facing software must allow custom themes
- often procured / developed, installed, administered and used by dedicated groups
- several of these groups can belong to distinct organizations
- high up-front costs are often tolerated (procurement/development, non-trivial installation, training for users/admins)
That's a tough one.
The main thing I can think of right now resolves around APIs.
For example, DBI became successful because it offers a uniform API to relational databases, and pluggable backends.
Maybe we can write a uniform API for user authentication, authorization and providing meta data (maybe also sessions)?
What are other areas that might benefit from uniform APIs and pluggable backends?
- configuration
- logging
- administration frontends (?)