
defining a schema in LDAP

 
Rishi Singh
Ranch Hand
Posts: 321
Hi all,
We are using OID for authentication and Oracle 9i DB for authorization. Now, based on the database schema, we have to come up with an LDAP schema so that we can move the authorization part in OID. Would like to have some inputs as to how to come up with an OID schema.
Rishi
SCJP,SCWCD
 
Clayton Donley
Author
Greenhorn
Posts: 27
Hello,
It really depends on what you currently have in your database.
If you mostly just associate users with various roles or such within the database, you might be able to simply create various groups to correspond to those various roles. One class that could be used for this purpose is the groupOfUniqueNames class. One could list the people that have that role by listing them inside those group entries.
The alternative is to associate the user-related authorization information directly within the user entries by extending the inetOrgPerson class or such.
If you are storing information about authorization targets, or roles that associate users/groups, actions, and targets, you'll not find a lot of widely used LDAP schema that can be reused with off-the-shelf components, though this doesn't limit you from using LDAP for this purpose (Netegrity and other products do exactly that).
Clayton
 