[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Confused about LDAP in general

To: Sasha Romanosky <sasha_romanosky@yahoo.com>
Subject: RE: Confused about LDAP in general
From: Adam Williams <awilliam@whitemice.org>
Date: Fri, 15 Nov 2002 21:53:38 -0500 (EST)
Cc: k15a-list-openldap@mail.theotherbell.com, <OpenLDAP-software@OpenLDAP.org>
In-reply-to: <000201c28d0f$44a539e0$6401a8c0@romanosky.net>

>However, if you are looking to implement a non-trivial authorization
>service, I would suggest moving the decision making outside of ldap. 

What you want is SASL,  let people use shared secret files, Kerberos, 
LDAP, LDAP integreated with Kerberos, whatever....  SASL is an 
authorization package/service, LDAP is not.  LDAP is just a hierarchical 
data repository that just about every app knows how to query, which is 
great in itself.

References:
- RE: Confused about LDAP in general
  - From: "Sasha Romanosky" <sasha_romanosky@yahoo.com>

Prev by Date: RE: Confused about LDAP in general
Next by Date: Re: OT: Confused about LDAP in general
Index(es):
- Chronological
- Thread