• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Tim Cooke
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Frank Carver
  • Henry Wong
  • Ron McLeod
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Himai Minh

User authentication via LDAP - AD ? How to design?

 
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I want to authenticate the user via LDAP -> Active Directory, please let me know how we can design it? Whether all the username and the respective password should be added in the AD upfront , so that we will check the user logged in credentials is available in AD via LDAP, if available authentication successful else failed? Whether for the successful authentication we will store the user name and password in the DEV DB as well for internal purpose (or) we will have these user credentials stored upfront in the DB manually like in AD?
For the failed user authentication, is it possible to create an AD account with some basic user details automatically via the application (OR) whether the failed user credentials again should be added in the AD to be processed again? I am really confused on how we can design this? Please let me know your opinion on the same.

Thanks
 
Rithanya Laxmi
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Guys any update on this?
 
Bartender
Posts: 3648
16
Android Mac OS X Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you are using AD/LDAP, then you shouldn't need to store such user/password in a database, even during testing or development. Depending on your company, there may be several AD domain controllers for different purposes/environments.

If you have the concept of "roles" in your app then you may want to store these in the database, since these roles may not be the same as the roles using in AD.

The password definitely not needed to be stored because it's from the AD server.
 
To avoid criticism do nothing, say nothing, be nothing. -Elbert Hubbard. Please critique this tiny ad:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic