[Date Prev][Date Next]
Storing a temporary key in LDAP
We want to authenticate website members against LDAP. If the
user applies for membership and they qualify, they are sent an
URL with a key:
The key is also stored in LDAP. It is valid for a limited period.
When they attempt registration, their key is validated against
the key in LDAP. If it's valid, they register, and the key becomes
redundant. Otherwise, they are told to apply for a key, or to
re-apply if the key has expired.
My question: is storing this temporary key in LDAP a proper use
of LDAP? Is there a common pattern that can be followed in this
kind of situation?
Perhaps I'll have more luck getting an answer with this query.
(If my previous queries lack the information required for an
answer, won't someone please tell me what I should add?)