Skip to Content.
Sympa Menu

devel - Re: [sympa-dev] ldap authentication

Subject: Developers of Sympa

List archive

Re: [sympa-dev] ldap authentication

Chronological Thread  
    < Chronological >       < Thread >
  • From: Lynda Hamadouche <address@concealed>
  • To: FALCONNIER Eric <address@concealed>
  • Cc: address@concealed, address@concealed, address@concealed
  • Subject: Re: [sympa-dev] ldap authentication
  • Date: Thu, 02 Aug 2001 14:50:51 +0200

Hello,
I am currently working on Sympa at the CRU and i am in charge of the
LDAP Authentication.


FALCONNIER Eric wrote:
>
> Hello,
>
> We are developping a new software developpment platform under GPL
> sponsorised by the GET (Telecom Schools Group in France)
> (http://picolibre.eu.org) and we have chosen Sympa to manage the mailing
> lists. All the users of the platform are stored in a ldap directory with
> a POSIX account and we would like to use the password of this account for
> the authentication on Sympa.


> 1) When will the authentication with ldap work ? I have read in the
> mailing list archive that you are dealing with it.

I have added this feature in Sympa on a development version.
A beta version is planned at the end of the summer or september.
It will include the LDAP authentication.
The Ldap authentication we have developped permits to authenticate
Users, belonging to an ldap directory, via their uid, canonic email and
alternate email.

The replication is taken in charge, that means that if the
first server is not available Sympa will request the slave server.
Moreover you can define many ldap directories, Every user who want to
authenticate should use the password of the directory he belongs.So, the
module of authentication enables to treat the cases of homonyms, indeed
if the password is bad for the 1-st ldap directory , Sympa will try to
bind to the a second directory etc... until the user's password works .

When someone wants to authenticate in Sympa, first the user is searched
in the User_table, and if it doesn't work, we try to bind to the ldap
directory defined in the ldap configuration.


Then, we have added the possibility to CANONIFY your preferences and
subscriptions, that is to say that if you belong to User_table or
Subscriber_Table with alternate emails, Sympa allow you to use one email
: your canonic email(ex: address@concealed). in this case the
authentication is still available (uid,canonic email and alternate
email).

I haven't worked on the referrals in an Ldap directory yet.

> 2) Is it possible to use the encrypted password of the POSIX account in
> the users table of sympa database ?

In fact if you fill the table User with the encrypted password of the
POSIX account, Sympa will take them into account and the classic
authentication in Sympa will work.



I wish i had answered correctly and efficiently to your questions.

Archive powered by MHonArc 2.6.19+.

Top of Page