[Date Prev][Date Next]
Re: Simple question about LDAP and web authentication.
On Tuesday, 22 June 2010 00:37:41 Bryan Boone wrote:
> Hi everyone. I am a noob to LDAP and I have a question.
> I am on a team that is building a special server. This server will be
> running linux with an apache web server with PHP and apache is running a
> special website that we designed.
> I need to have the website be able to query LDAP servers for web
> authentication. So when a user connects to this special web server, they
> are prompted for a user name and password. Then I want to have the
> website check the LDAP server to make sure that the user is indeed a user
> of the website on our special server. So in a sense our special server
> will be an LDAP client.
> So my question is??? Is an LDAP client to be run as a Daemon or service?
No daemon is necessary.
> Is this what OpenLDAP provides?
OpenLDAP provides libraries, a server, and some commandline client utilities.
> Or can I simply use function calls (from
> PHP or C) from the OpenLDAP library for the authentication?
Yes, you can use php_ldap or similar, or you can have your application rely on
the web server to do the authentication. Apache has an authentication module
> Basically all I need is...
> The user brings up the web page.
> The user enters in the user name and password.
> The server uses PHP or C to check to see if the entered information matches
> an LDAP server. The web grants or denies access.
> The LDAP server connection is closed.
> No other actions or information from the LDAP server is needed.
Well, you said you need to "make sure that the user is indeed a user of the
website". Are all users in the LDAP directory users of the website? If not,
you may need a little bit more ...