Re: OpenLDAP and third party authentication integration



On 13/12/10 17:56 -0800, Any Joe wrote:
> I need some pointers on how to integrate a third party web-based auth
> system and OpenLDAP. Our reqs are as follows:
>
> 1. We don't store passwords (or hashes) in LDAP and they are don't-care for us (for backward compatibility we may still have some admin/admin-password credentials on LDAP). In other words, reg-users are not authenticated against LDAP, but we use LDAP for directories and corp-info repository purposes.
>
> 2. Third party app will authenticate and may access user info in LDAP depending on the applications.
>
> 3. Users will be created, deleted and modified on LDAP directories, but again passwords are don't-cares.

It sounds like you are wanting to use LDAP simply as a data store - your
users will not need to authenticate directly to the LDAP server.

If that's the case, then you should work out what user information you want
to store, such as email address, phone number, name, etc. Object classes
person, organizationalPerson, or residentialPerson might be a good place to
start.

Doing a Google search for 'ldap tutorial' has some good examples, and the
LDAP mailing list at:

http://www.umich.edu/~dirsvcs/ldap/mailinglist.html

is another good resource.

--
Dan White
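
An added example, not part of the original message: a small Python check over an LDIF export that enforces the requirement from the question (no password material on regular user entries) and confirms that entries using the object classes named in the reply carry their required attributes. The function names, the sample entries under dc=example,dc=com, and the allowlist for the legacy admin DN are assumptions made for illustration.

```python
# Schema facts (RFC 4519): person MUST have sn and cn; organizationalPerson and
# residentialPerson inherit from person, and residentialPerson also MUST have l.
REQUIRED = {"person": {"sn", "cn"}, "organizationalperson": {"sn", "cn"},
            "residentialperson": {"sn", "cn", "l"}}

# Constructed sample export; the DNs, names and values are placeholders.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
objectClass: organizationalPerson
cn: Alice Example
sn: Example
telephoneNumber: +1 555 0100

dn: uid=bob,ou=people,dc=example,dc=com
objectClass: person
cn: Bob Example
userPassword:: e1NTSEF9Y29uc3RydWN0ZWQ=

dn: cn=admin,dc=example,dc=com
objectClass: person
cn: admin
sn: admin
userPassword: placeholder
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded lines) into [(dn, {attr: [values]})]."""
    entries = []
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if not line.strip() or line.startswith("#"):
                continue
            name, _, value = line.partition(":")
            # "attr:: value" marks base64; only the attribute name matters here.
            attrs.setdefault(name.strip().lower(), []).append(value.lstrip(":").strip())
        if "dn" in attrs:
            entries.append((attrs.pop("dn")[0], attrs))
    return entries

def audit(text, allow_password_dns=()):
    """Return sorted (dn, problem) pairs for a directory used only as a data store."""
    allowed = {dn.lower() for dn in allow_password_dns}
    findings = set()
    for dn, attrs in parse_ldif(text):
        present = set(attrs)
        for oc in (c.lower() for c in attrs.get("objectclass", [])):
            for missing in REQUIRED.get(oc, set()) - present:
                findings.add((dn, "missing required attribute " + missing))
        if "userpassword" in present and dn.lower() not in allowed:
            findings.add((dn, "carries userPassword"))
    return sorted(findings)
```

Calling `audit(SAMPLE_LDIF, allow_password_dns=["cn=admin,dc=example,dc=com"])` reports only the entry for bob, which both lacks `sn` and carries a `userPassword` value.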