[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Confused about LDAP in general



>However, if you are looking to implement a non-trivial authorization
>service, I would suggest moving the decision making outside of ldap. 

What you want is SASL,  let people use shared secret files, Kerberos, 
LDAP, LDAP integreated with Kerberos, whatever....  SASL is an 
authorization package/service, LDAP is not.  LDAP is just a hierarchical 
data repository that just about every app knows how to query, which is 
great in itself.