Opened 18 years ago
Last modified 16 years ago
#1728 new enhancement
Configuration from LDAP tree
| Reported by: | Owned by: | sdlime | |
|---|---|---|---|
| Priority: | normal | Milestone: | FUTURE |
| Component: | MapServer CGI | Version: | unspecified |
| Severity: | minor | Keywords: | |
| Cc: |
Description (last modified by )
LDAP is fast, easy to administrate.
When using a lot of configuration files, i have to run batch scripts because a
big part of configuration files is shared (even layers). This could be solved by
bug 279. And also using ldap aliases.
LDAP support should be done with different steps:
- writing LDAP schema (as openldap .schema file, for example), basicly one entry
for each attribute and one for each object. For this it is necessary to
register, see http://www.openldap.org/faq/data/cache/391.html and
http://www.iana.org/cgi-bin/enterprise.pl
- writing an LDAP to .map script
- .map to LDAP script
(the three first points can be done outside of mapserver code)
- include support to LDAP in the Mapserver API (something like new
MapObj("ldap://server:port/cn=mymap,cn=base,o=org")
Major enhancements of this are:
- Easier to administrate (less error because you change one object at a time and
the tree structure is always kept
- Possibility to have privileges (some users can only read/write some nodes)
- nothing to learn, ldap schema is following mapfile reference
- aliases: if one layer is shared between several map-files (map-ldap), you only
need to make an alias
- replication server instantly (with dns load-balancing, if one ldap server is
down, replication servers are working)
Note:
See TracTickets
for help on using tickets.
