« An Answer to "What is… | Home | IBM Developerworks on… »

31 May 2006 - 07:11"Single Directory Paradigm"

Radovan Semančik talks about the "single directory paradigm", the dream that a large enterprise will set up a single identity or authentication directory. With one quibble about whether the Directory should be an Authentication application, I think we'd agree.

Radovan's concerns about applications looking for unique objectClasses and the like are spot on and are what many open source projects are finally fixing. But his rant about the Directory not being an Authentication application is a bit off the mark.

A lot of work has gone into extending OpenLDAP to help it properly support pluggable authentication modules (PAM). Symas has created a distribution of the PAM modules for OpenLDAP built by PADL and that opens up many other forms of authentication. OpenLDAP also supports SASL for its own authentication, a major extension.

Having said that, the rest of the article makes a lot of sense.

... Marty

---

No comments:

---

No trackbacks:

---

Name:			Remember personal info? Yes No
Email:
URL:
Comment:		Emoticons / Textile
Comment moderation is enabled on this site. This means that your comment will not be visible on this site until it has been approved by an editor.   ( Register your username / Log in )
Notify:		Yes, send me email when someone replies.
Hide email:		Yes, hide my email address.
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.