LDAP Programming
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me

The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.

Go Back   Dev Shed ForumsDatabasesLDAP Programming
Reload this Page

Application Permissions with LDAP


Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old October 15th, 2009, 12:17 PM
jjjaroscak jjjaroscak is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Oct 2009
Posts: 1 jjjaroscak User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 h 22 m 30 sec
Reputation Power: 0
Application Permissions with LDAP
Hello, I'm new to LDAP so I need some help with best practices. We have LDAP set up to support single sign on for our internet applications we are developing at work. What we want to do is set up user permissions so that certain people can only see certain things in each application. What is the best way of doing this in LDAP? Is there a way to set up groups or something like that?

Thanks!
Reply With Quote
  #2  
Old October 21st, 2009, 07:38 AM
umbrella's Avatar
umbrella umbrella is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Oct 2008
Posts: 85 umbrella User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 23 h 38 m 31 sec
Reputation Power: 5
yea, it must be specify gid's for those uid's
Reply With Quote
  #3  
Old October 22nd, 2009, 02:24 PM
ldapswandog ldapswandog is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jan 2009
Location: Charlotte, NC
Posts: 111 ldapswandog User rank is Corporal (100 - 500 Reputation Level)ldapswandog User rank is Corporal (100 - 500 Reputation Level)ldapswandog User rank is Corporal (100 - 500 Reputation Level)ldapswandog User rank is Corporal (100 - 500 Reputation Level) 
Time spent in forums: 22 h 18 m
Reputation Power: 8
A best practice would be to only use LDAP Groups when your planning to support less than 5000 uniquemembers in any one group. If your group membership will be greater than 5000 then use a database for authorization. if your going to have more than one ldap group used to authorize users do not exceed 200 users per group and do not exceed 40 groups for any one application. To exceed either of these limits will severely decrease performance of the LDAP group searches. If you need to exceed 40 groups and more than 200 members per group then use an LDAP attribute for authorization and do not search the groups for membership. The attribute 'memberOf' or 'isMemberOf' is usually populated with the DN of the groups in which the user is a uniquemember.
Reply With Quote
Reply

Viewing: Dev Shed ForumsDatabasesLDAP Programming > Application Permissions with LDAP

« Previous Thread | Next Thread »

Developer Shed Advertisers and Affiliates



Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap