Difference between revisions of "stoney core: Authentication Resource Mapping (REST - LDAP)"
From stoney cloud
[unchecked revision] | [unchecked revision] |
(→Auth Mapping) |
|||
Line 2: | Line 2: | ||
= Overview = | = Overview = | ||
− | = Auth | + | = Auth Action = |
− | == Auth | + | == Auth Retrieval (GET) == |
The following sequence describes the authentication and role retrieval: | The following sequence describes the authentication and role retrieval: | ||
# Look-up the user in the OpenLDAP directory (with a configurable service user): | # Look-up the user in the OpenLDAP directory (with a configurable service user): | ||
Line 11: | Line 11: | ||
# If the bind was successful, retrieve the users [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | roles]] with the service user. | # If the bind was successful, retrieve the users [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | roles]] with the service user. | ||
− | === Auth Mapping === | + | === Auth Retrieval (GET) Mapping === |
{| border="1" class="wikitable sortable" | {| border="1" class="wikitable sortable" | ||
! API Attribute | ! API Attribute | ||
Line 20: | Line 20: | ||
| colspan=4 | [[stoney_core:_OpenLDAP_directory_data_organisation#People_uid_.28per_person.29 | People uid (per person) ]] | | colspan=4 | [[stoney_core:_OpenLDAP_directory_data_organisation#People_uid_.28per_person.29 | People uid (per person) ]] | ||
|- | |- | ||
− | || '''id''' || uid= | + | || '''id''' || uid=4000002,ou=people,dc=stoney-cloud,dc=org || uid || Always read-only. |
|- | |- | ||
− | || | + | || user || uid=4000002,ou=people,dc=stoney-cloud,dc=org || mail || |
− | + | ||
− | + | ||
|- | |- | ||
| colspan=4 | [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | People Roles ]] | | colspan=4 | [[stoney_core:_OpenLDAP_directory_data_organisation#People_Roles | People Roles ]] | ||
|- | |- | ||
− | || | + | || roles || uid=4000002,ou=people,dc=stoney-cloud,dc=org || sstRole || |
|- | |- | ||
Revision as of 15:22, 29 April 2014
Also visit stoney core: Authentication Resource - REST API.
Contents
Overview
Auth Action
Auth Retrieval (GET)
The following sequence describes the authentication and role retrieval:
- Look-up the user in the OpenLDAP directory (with a configurable service user):
- Currently, this will be cn=Manager,dc=stoney-cloud,dc=org
- Later on, this will be a service user.
- If the user exists, try to bind with the users credentials.
- If the bind was successful, retrieve the users roles with the service user.
Auth Retrieval (GET) Mapping
API Attribute | LDAP Object DN | LDAP Attribute | Details |
---|---|---|---|
People uid (per person) | |||
id | uid=4000002,ou=people,dc=stoney-cloud,dc=org | uid | Always read-only. |
user | uid=4000002,ou=people,dc=stoney-cloud,dc=org | ||
People Roles | |||
roles | uid=4000002,ou=people,dc=stoney-cloud,dc=org | sstRole |