[OpenAFS] LDAP authentication
Derek Atkins
warlord@MIT.EDU
Fri, 23 Sep 2005 22:06:52 -0400
Quoting S P Arif Sahari Wibowo <arifsaha@yahoo.com>:
>> LDAP is a directory service, not an authentication service.
>
> Correction: "not *only* an authentication service". :-) LDAP can be
> an effective and secure authentication service, like how the linux
> machines here do it.
It's not at all secure. How can I use LDAP to get me a single-singon
token that
I can use to authenticate to a service without having to retype my
authentication password? No, sorry, LDAP is *JUST* a directory service. One
could use NIS, Hesiod, or even SQL instead of LDAP and have a 1:1 mapping of
features. LDAP is *NOT* an authentication service. If you think it is, then
you are just confused.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available