Opened 18 years ago
Last modified 16 years ago
#1728 new enhancement
Configuration from LDAP tree
Reported by: | Owned by: | sdlime | |
---|---|---|---|
Priority: | normal | Milestone: | FUTURE |
Component: | MapServer CGI | Version: | unspecified |
Severity: | minor | Keywords: | |
Cc: |
Description (last modified by )
LDAP is fast, easy to administrate. When using a lot of configuration files, i have to run batch scripts because a big part of configuration files is shared (even layers). This could be solved by bug 279. And also using ldap aliases. LDAP support should be done with different steps: - writing LDAP schema (as openldap .schema file, for example), basicly one entry for each attribute and one for each object. For this it is necessary to register, see http://www.openldap.org/faq/data/cache/391.html and http://www.iana.org/cgi-bin/enterprise.pl - writing an LDAP to .map script - .map to LDAP script (the three first points can be done outside of mapserver code) - include support to LDAP in the Mapserver API (something like new MapObj("ldap://server:port/cn=mymap,cn=base,o=org") Major enhancements of this are: - Easier to administrate (less error because you change one object at a time and the tree structure is always kept - Possibility to have privileges (some users can only read/write some nodes) - nothing to learn, ldap schema is following mapfile reference - aliases: if one layer is shared between several map-files (map-ldap), you only need to make an alias - replication server instantly (with dns load-balancing, if one ldap server is down, replication servers are working)
Note:
See TracTickets
for help on using tickets.