Apache: Authentication and authorization against an LDAP server

mod_psldap is an Apache module for leveraging LDAP services built on the OpenLDAP library and the Apache APIs, to include web based A&A, web based updates to the LDAP store, server-side XSLT processing, and session management across servers.

Features

  • Functions against a secure LDAP server
  • Does not require administrative access to the LDAP server
  • LDAP connection configurations can be set within a base URL
  • Multiple LDAP servers can be utilized for authentication
  • Management of search scope for identifying user to authenticate
  • Configurable user, group, and password attribute selection
  • Allows password comparison in the module or in the LDAP server
  • Kerberos authentication to the LDAP server
  • Identifies group membership based on an attribute value in the LDAP record
  • Leverages LDAP based groups for authentication
  • Is capable of cookie based authentication
  • Caches authentication results to avoid excessive LDAP related traffic
  • Integration of user account maintenance
  • Web based directory lookups
  • Improved look and feel with card based, tabular, and editable views of LDAP records
  • Tree based browse mechanism
  • VCF export capability
  • Handheld device support
  • Support for browsers that do not perform XSLT.



Share this