password storage (Stuart Jansen)

Levi Pearson levipearson at gmail.com
Wed Feb 2 10:28:56 MST 2011


On Wed, Feb 2, 2011 at 8:05 AM, Michael Torrie <torriem at gmail.com> wrote:
> On 02/01/2011 07:50 PM, Make Compile wrote:
>> Tnx guys for the affirmative response. Yes sir similar to LDAP. I
>> mean could there be any open source technologies that has the
>> capability as well to centralized all the password and by then when
>> the user login on his/her webserver like sample nagios the username
>> and password should come from this authentication technology.
>
> You really do want to use LDAP, whether it is OpenLDAP, Fedora DS, or
> even MS Active Directory.
>
> Note that technically LDAP is not an authentication mechanism, rather
> it's a authorization mechanism.  It can supply user information.  It can
> do authentication also, but you should probably also look into Kerberos
> for authentication.  Or on web stuff, CAS.  That said, for starters,
> LDAP alone probably has what you need.

To be really pedantic about it, LDAP is neither an authentication nor
an authorization mechanism.  It's a directory service.  It just so
happens that you can access the information necessary for
authentication and authorization processes with it, among other things
such as real names, addresses, phone numbers, etc.  Think of LDAP as
an interface to access a simple hierarchical database.  It does not
specify the database storage system, just the method of accessing it.
It was originally meant to access databases following the X.500
directory database standard, in fact, but I don't really know whether
any implementation you're likely to use actually stores its data in
accordance with the full X.500 standards.

        --Levi


More information about the PLUG mailing list