[OPEN-ILS-GENERAL] Evergreen and LDAP
Dan Scott
dan at coffeecode.net
Tue Jul 26 17:09:50 EDT 2011
On Tue, Jul 26, 2011 at 3:39 PM, Gordana Vitez <gvitez at niagaracollege.ca> wrote:
> Hi there,
>
> Lori, thanks for the search suggestion. I should have mentioned in my email
> that I did do the search but didn't find mention of anyone actually using
> it.
>
> Jason, thanks for letting me know it's a no right now.
>
> Is this something other libraries might benefit from? Would this be more
> trouble than it's worth to develop? or would there be interest in the
> community to pursue LDAP for Evergreen?
Hi Gordana:
When I return to Laurentian full-time in September, I'm supposed to
begin working on LDAP authentication as one of my projects (along with
migrating us to Evergreen acquisitions and other efforts). Reducing
the number of user names / passwords that our campus students have to
manage would be a big win around here.
One of the primary challenges that I foresee is supporting multiple
LDAP servers per Evergreen instance (for example, our use case is a
Laurentian student should authenticate against a Laurentian LDAP
server while Windsor students should authenticate against a Windsor
LDAP server). If it's not too much of a performance hit to go to the
database, check the user name/barcode and find the org_unit LDAP
settings based on the user's home_ou, and then perform the LDAP
authentication against the actual LDAP server (or built-in if no LDAP
settings exist) before returning the results of the authentication
attempt, then this might not be a big deal.
Dan
More information about the Open-ils-general
mailing list