Difference between revisions of "stoney core: Authentication Resource Mapping (REST - LDAP)"
From stoney cloud
[unchecked revision] | [unchecked revision] |
(→Auth Retrieval (GET)) |
(→Auth Retrieval (GET)) |
||
Line 5: | Line 5: | ||
== Auth Retrieval (GET) == | == Auth Retrieval (GET) == | ||
The following sequence describes the authentication and role retrieval: | The following sequence describes the authentication and role retrieval: | ||
− | # Look-up the user in the OpenLDAP directory in the ou=people,dc=stoney-cloud,dc=org sub tree(with a configurable LDAP service user): | + | # Look-up the user in the OpenLDAP directory in the ou=people,dc=stoney-cloud,dc=org sub tree (with a configurable LDAP service user): |
#: filter: <code>(mail=name.surname@example.com)</code> | #: filter: <code>(mail=name.surname@example.com)</code> | ||
#: scope: <code>one</code> | #: scope: <code>one</code> | ||
Line 13: | Line 13: | ||
# If the bind was successful, retrieve further information with the LDAP service user from the leaf uid=<UID>,ou=people,dc=stoney-cloud,dc=org. | # If the bind was successful, retrieve further information with the LDAP service user from the leaf uid=<UID>,ou=people,dc=stoney-cloud,dc=org. | ||
− | + | Information about the configurable LDAP service user: | |
− | + | * Currently, the LDAP service user is cn=Manager,dc=stoney-cloud,dc=org | |
+ | * Later on, this will be a [[stoney_core:_OpenLDAP_directory_data_organisation#Services | LDAP service user]]. | ||
=== Auth Retrieval (GET) Mapping === | === Auth Retrieval (GET) Mapping === |
Revision as of 14:14, 1 May 2014
Also visit stoney core: Authentication Resource - REST API.
Contents
Overview
Auth Action
Auth Retrieval (GET)
The following sequence describes the authentication and role retrieval:
- Look-up the user in the OpenLDAP directory in the ou=people,dc=stoney-cloud,dc=org sub tree (with a configurable LDAP service user):
- filter:
(mail=name.surname@example.com)
- scope:
one
- filter:
- If the user exists, try to bind with the users credentials.
- bind dn:
uid=<UID>,ou=people,dc=stoney-cloud,dc=org
- password:
myverysecretpassword
- bind dn:
- If the bind was successful, retrieve further information with the LDAP service user from the leaf uid=<UID>,ou=people,dc=stoney-cloud,dc=org.
Information about the configurable LDAP service user:
- Currently, the LDAP service user is cn=Manager,dc=stoney-cloud,dc=org
- Later on, this will be a LDAP service user.
Auth Retrieval (GET) Mapping
API Attribute | LDAP Attribute |
---|---|
id | uid |
user |