[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP and third party authentication integration

To: Any Joe <daffodil_wind@yahoo.com>
Subject: Re: OpenLDAP and third party authentication integration
From: Dan White <dwhite@olp.net>
Date: Tue, 14 Dec 2010 09:56:44 -0600
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <514231.6255.qm@web56403.mail.re3.yahoo.com>
References: <514231.6255.qm@web56403.mail.re3.yahoo.com>
User-agent: Mutt/1.5.20 (2009-06-14)

On 13/12/10 17:56 -0800, Any Joe wrote:

I need some pointers on how to integrate a third party web-based auth
system and OpenLDAP. Our reqs are as follows

1. We dont store passwords (or hashes) in LDAP and they are dont-care for us; for backward compatibility we may still have some admin/admin-password credentials on LDAP). In other words, reg-users are not authenticated against LDAP, but we use LDAP for directories and corp-info repository purposes.

2. Third party app will authenticate and may access user info in LDAP depending on the applications

3. Users will be created, deleted and modified on LDAP directories, but again passwords are dont-cares


It sounds like you are wanting to use LDAP simply as a data store - your
users will not need to authenticate directly to the LDAP server.

If that's the case, then you should work out what user information you want
to store, such as email address, phone number, name, etc. Object classes
person, organizationalPerson, or residentialPerson might be a good place to
start.

Doing a google search for 'ldap tutorial' has some good examples, and the
ldap mailing list at:

http://www.umich.edu/~dirsvcs/ldap/mailinglist.html

is another good resource.

--
Dan White

References:
- OpenLDAP and third party authentication integration
  - From: Any Joe <daffodil_wind@yahoo.com>

Prev by Date: Re: Syncrepl attrs selection
Next by Date: rwm overlay missing
Index(es):
- Chronological
- Thread