[nycphp-talk] LDAP for web authorization?
Randal Rust
randalrust at gmail.com
Tue Nov 21 14:02:27 EST 2006
On 11/21/06, edward potter <edwardpotter at gmail.com> wrote:
> my understanding of LDAP (I was immersed in it for a bit back in the
> boom), is it's really optimized for name/address lookup applications
> (colleges, hospital directories, etc).
That's my understanding as well.
> I know some people have tried
> to use it for securing directories at various levels, not sure how
> that worked out.
Security, although not for directories, is also a part of this
project. A lof of the parent organizations have child records and we
need to secure them based on the user login. I think we'll have to
verify everything based on the user's DN or something. I don't even
want to begin to think about that yet.
> Anything beyond that (as described in your post), is for sure a
> mysql/db type application. The syntax always drove me crazy, I noticed
> the coding pros were all english majors, who hacked LDAP on the side.
I tried, unsuccessfully, to convince the client to ditch LDAP as the
data store and move to MySQL. If he had done that, I would probably be
done with this project by now.
But, at least someone else thinks this is probably not the best
approach. If it comes up again, I can always say that I got some other
opinions:)
--
Randal Rust
R.Squared Communications
www.r2communications.com
More information about the talk
mailing list