LDAP Support?

Authored by: Anonymous on Wednesday, January 09 2002 @ 03:33 AM EST

My two cents are that this would get some use, but how much use it would see is dependent upon the LDAP management and setup tools available in other products. At my job, I\'ll be putting in a MacOS X Server system this summer. I\'ve been told that it can export its user authentications through LDAP. We\'re already using IMAP on a FreeBSD server, too. We use IMAP authentication for several web apps.

My suggestion is to take the following steps:
1) Abstract the current authentication system out of the code base and put it in something like lib/auth/standalone.php.
2) Write the LDAP stuff and put it in lib/auth/ldap.php
3) If you want, write some IMAP authentication stuff and put it in lib/auth/imap.php
4) Make a variable in config.php that reads the correct authentication library. Each file has the same variable names and function names and the same output format, so it would be easy to interchange them.

I have seen this done successfully. I started down this path on a project that I ran a year and a half ago and this is how TWIG works. I know you hate TWIG, but this is one of its good points and it actually does work.

Anyway, if GeekLog had the above setup today, I\'d grab the IMAP authenticator in a heartbeat. Once the MacOS X Server controlled logins on our MacOS workstations, I\'d consider switching to LDAP. Since its not available today, I\'d probably wait until the MOSXS system is in place and then look into its LDAP tools. I\'d make up my mind mostly based on the feelings of my users and the ease of the LDAP system administration. I have a feeling that you\'ll see that a lot, too. LDAP is a great tool that most geeks have at least heard of. Many/most of us haven\'t started using it only due to the complexity of setup within the classic text-only environment of Linux and BSD.

Hope my babbling helps. :)

[ Reply to This | # ]

Authored by: Tony on Wednesday, January 09 2002 @ 06:35 AM EST

First, let me say I don\'t hate TWIG. I used TWIG for a year and some generally annoyances pushed me to try other things and I settled on SquirrelMail.

Your ideas on implementing authentication in Geeklog is right on and farily easy to do. Would you be willing to contribute the IMAP authentication module? I can seperate the current standalone stuff and possibly the LDAP stuff.

Who am I talking to anyway?

[ Reply to This | # ]

Authored by: tbehle on Wednesday, January 09 2002 @ 03:40 PM EST

We have LDAP authentication for everything we were able to
get it for: IMAP, webmail, netatalk (via pam_ldap), squid-auth.
Everything uses the same database - it\'s great!

[ Reply to This | # ]

Authored by: jimphelps on Friday, October 11 2002 @ 12:44 PM EDT

This is an old thread but here goes...

I would love to see an LDAP authentication/account management module for Geeklog.

- Jim

[ Reply to This | # ]

Authored by: Mathelart on Wednesday, December 04 2002 @ 01:13 AM EST

It should be a really great improvement to Geeklog !
But if you don\'t have time, and if it\'s not too complicated (the concerned source code is limited to one php file, not ten), maybe I could try ...

[ Reply to This | # ]