[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using LDAP for Auth & Access Control?

To: Chris Starling <starling@westel.net>
Subject: Re: Using LDAP for Auth & Access Control?
From: David J N Begley <david@avarice.nepean.uws.edu.au>
Date: Wed, 1 Dec 1999 16:14:44 +1100 (EST)
Cc: openldap-general@OpenLDAP.org
In-reply-to: <19991130235200.AAA20259@misbase.harte-hanks.com>

On Tue, 30 Nov 1999, Chris Starling wrote:

> Now, I'm struggling trying to assimilate all this LDAP information I'm
> reading online into my RDBMS-oriented brain.  And I'm wondering:

A few resources (by no means the only ones) that compare/contrast RDBMs and
directories:

"Why do I need a Directory when I could use a Relational Database?"
http://www.stanford.edu/~hodges/talks/EMA98-DirectoryServicesRollout/Steve_Kille/

IBM: Understanding LDAP
http://publib.boulder.ibm.com/pubs/pdfs/redbooks/sg244986.pdf

> Is there a good example or case study available online that illustrates
> the use of LDAP for a authentication & access control implementation?

It's not "good", but its something to add to your collection (has a lot of
additional URLs at the end of the report that may help):

http://www.nepean.uws.edu.au/users/david/qn99/

> I'm reading the mailing list archives and searching the web, but I have
> yet to find a good example that will really help me understand how to
> adapt LDAP's objects for this application.

"This application" is generic - to really get down to the nitty gritty of
object classes and attributes you need to be specific about the application's 
requirements and expectations.

> If there's a book with this information in it, I'd be interested to hear
> about it as well.

http://www.ldapcentral.com/books.html
http://developer.netscape.com/docs/books/macmillan/ldap/ldapbk.html
http://www.amazon.com/exec/obidos/ASIN/1578700000/qid=943578112/sr=1-3/103-2641196-9936638
http://www.wrox.com/Consumer/Store/Details.asp?ISBN=1861002211

Last weekend I picked up a copy of John Strassner's "Directory Enabled
Networks":

http://www.amazon.com/exec/obidos/ASIN/1578701406/qid=944024513/sr=1-1/102-6410869-0624851

It's more about DEN, policy-driven networking and information modelling, but
covers some of the implementation in LDAP as well.

> It just seems like everything I read about LDAP lists all these varied and
> different applications it can be used for, but all the examples I'm
> reading are for simple phonebook type directories.

For that very reason - they're simple and easy.  ;-)  (In reality of course
the answer is more complicated than that.)

dave

References:
- Using LDAP for Auth & Access Control?
  - From: starling@westel.net (Chris Starling)

Prev by Date: OpenLDAP and PerLDAP 1.4
Next by Date: Re: ASN.1/DER compiler
Index(es):
- Chronological
- Thread