Difference between revisions of "stoney core: Authentication Resource Mapping (REST - LDAP)"
From stoney cloud
| [unchecked revision] | [unchecked revision] |
(→Auth retrieval (GET)) |
(→Auth retrieval (GET)) |
||
| Line 7: | Line 7: | ||
#: Currently, this will be cn=Manager,dc=stoney-cloud,dc=org | #: Currently, this will be cn=Manager,dc=stoney-cloud,dc=org | ||
#: Later on, this will be a [[stoney_core:_OpenLDAP_directory_data_organisation#Services | service user]]. | #: Later on, this will be a [[stoney_core:_OpenLDAP_directory_data_organisation#Services | service user]]. | ||
| − | # If the user exists, try to bind with the [[stoney_core:_OpenLDAP_directory_data_organisation#People_uid_.28per_person.29 | users credentials]]. | + | # If the user exists, try to bind with the [[stoney_core:_OpenLDAP_directory_data_organisation#People_uid_.28per_person.29 | users credentials]]. |
| − | + | ||
| − | + | ||
# If the bind was successful, retrieve the users [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | roles]]. | # If the bind was successful, retrieve the users [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | roles]]. | ||
Revision as of 16:55, 28 April 2014
Overview
Auth action
Auth retrieval (GET)
The following sequence describe the authentication and role retrieval:
- Look-up the user in the OpenLDAP directory (with a configurable user:
- Currently, this will be cn=Manager,dc=stoney-cloud,dc=org
- Later on, this will be a service user.
- If the user exists, try to bind with the users credentials.
- If the bind was successful, retrieve the users roles.
