Ok, getting back to LDAP Sync. This opened a big can of worms but it's going to end up a lot cleaner. Currently we map LDAP entries to Citadel accounts by using (or deriving) a uid, and then passing that through the same way we would if we were using Unix authentication. This requires a sequential search of the user table, which is ugly. Rather than build yet another index, I'm goingf to to make use of the CDB_OPENID table, which I've internally renamed to CDB_EXTAUTH. You can see where I'm going with this. Right now, the key is an OpenID URI. But there is no reason we can't put other types of keys in there. We can put fake URI's like "uid:123456" or "ldap:cn=foo,dc=bar" (and I'm currently trying to decide which makes more sense). Later on we can add other auth protocols like SSO ( SAML) or OAuth or whatever and still use the same table. But for now, if we're going to scan LDAP every five minutes and map user ID's, we can't be doing all those sequential searches.
- [Citadel Development] (no subj... IGnatius T Foobar
- [Citadel Development] (no subj... bennabiy
- [Citadel Development] (no subj... IGnatius T Foobar
- [Citadel Development] (no subj... bennabiy
- Re: [Citadel Development] (no ... Robert J. Clay
- Re: [Citadel Development] (no ... bennabiy
- Re: [Citadel Development] (no ... IGnatius T Foobar
- Re: [Citadel Development] (no ... bennabiy
- Re: [Citadel Development] (no ... IGnatius T Foobar
- Re: [Citadel Development] (no ... IGnatius T Foobar
- Re: [Citadel Development] (no ... IGnatius T Foobar
- Re: [Citadel Development] (no ... bennabiy
- Re: [Citadel Development] (no ... IGnatius T Foobar
- Re: [Citadel Development] (no ... bennabiy
- [Citadel Development] (no subject) IGnatius T Foobar
- [Citadel Development] (no subject) IGnatius T Foobar
- [Citadel Development] (no subject) bennabiy
- [Citadel Development] (no subject) bennabiy
- [Citadel Development] (no subject) IGnatius T Foobar
- [Citadel Development] (no subject) bennabiy
- [Citadel Development] New LDAP sync cod... IGnatius T Foobar