[prev in list] [next in list] [prev in thread] [next in thread] 

List:       perl-ldap-dev
Subject:    Re: Perl : LDAP : Authorize user for a service
From:       Mike Jackson <mjj () isorauta ! ntc ! nokia ! com>
Date:       2004-10-28 10:13:16
Message-ID: 20041028101316.GA8461 () isorauta ! ntc ! nokia ! com
[Download RAW message or body]

ext Asu Vohra (asu_vohra@yahoo.com) wrote:
> Hi,
> 
> I am new to LDAP. Can anyone tell me how can I authorize a user in LDAP for a \
> particular service using Perl? 

Hi,
 The LDAPv3 standard only provides an authentication interface "BIND".

 Before you consider how you will authorize a user, you have to design and
implement an authorization system. Some people try to do this in the
LDAP directory, but it typically does not perform very well because
of the highly relational nature of the data, unless you do very heavy
indexing. These types of systems must handle lots of concurrent operations
and are not allowed to be slow.

 In all the A&A systems I have designed, I did authentication from an
LDAP directory and authorization from a relational database.

BR,
--
mike


[prev in list] [next in list] [prev in thread] [next in thread]