Re: [PHP] Centralizled Authentication
AmirBehzad Eslami wrote: Dear list, We have dozen of applications, mostly written in PHP and Python. They're distributed on different servers, but i'm trying to integrate them somehow. Each application has its own users. Is there a way to store all username/passwords into a single datasource and give each user, her proper permissions? Since i'm just a php-programmer, i *thought* of a MySQL database to hold these data, and then use a SOAP-Server to handle the authentication across those applications. Once a user provides her username/password, a SOAP Request will be made to a PHP-Driven Authentication Server, which handles the job to check the permissions and user's identity. It sounds slow, isn't it? Is there a better solution? How do you make authentication across a network of applications? Central directory service accessed with LDAP. Typical examples include Microsofts Active Directory, Novells eDirectory and openLDAP. -- Per Jessen, Zürich (-1.4°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Centralizled Authentication
Suppose you're running phpBB with another php-driven application. phpBB has a user table where the username/password/email/.. of each user is stored at mysql. Once a user logs-in to the website, the Last Login timestamp updates on the users table at mysql. How do I use LDAP in this type of application? 1) Move entire records of Users and their attributes (e.g. last_login_time) to LDAP server? In this mehtod, after each successfull login request, I also need to update the related record on LDAP. 2) Should I use LDAP to store only the username and passwords? In this method, I need to update the record on MySQL database, but I should keep the MySQL and LDAP syncronized, since a user may want to change her password. What do you think guys? Please let me know.
Re: [PHP] Centralizled Authentication
AmirBehzad Eslami wrote: Suppose you're running phpBB with another php-driven application. phpBB has a user table where the username/password/email/.. of each user is stored at mysql. Once a user logs-in to the website, the Last Login timestamp updates on the users table at mysql. How do I use LDAP in this type of application? 1) Move entire records of Users and their attributes (e.g. last_login_time) to LDAP server? In this mehtod, after each successfull login request, I also need to update the related record on LDAP. 2) Should I use LDAP to store only the username and passwords? In this method, I need to update the record on MySQL database, but I should keep the MySQL and LDAP syncronized, since a user may want to change her password. LDAP is only the access method, you can store the information whichever way you want. mysql is probably not a bad idea. -- Per Jessen, Zürich (-0.9°C) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Centralizled Authentication
On Thu, Dec 2, 2010 at 8:06 AM, AmirBehzad Eslami behzad.esl...@gmail.comwrote: Dear list, We have dozen of applications, mostly written in PHP and Python. They're distributed on different servers, but i'm trying to integrate them somehow. Each application has its own users. Is there a way to store all username/passwords into a single datasource and give each user, her proper permissions? Since i'm just a php-programmer, i *thought* of a MySQL database to hold these data, and then use a SOAP-Server to handle the authentication across those applications. Once a user provides her username/password, a SOAP Request will be made to a PHP-Driven Authentication Server, which handles the job to check the permissions and user's identity. It sounds slow, isn't it? Is there a better solution? How do you make authentication across a network of applications? OAuth comes to mind... -- http://blogs.linux.ie/kenguest/
Re: [PHP] Centralizled Authentication
Or OpenID. b. On 2 December 2010 11:48, Ken Guest k...@linux.ie wrote: On Thu, Dec 2, 2010 at 8:06 AM, AmirBehzad Eslami behzad.esl...@gmail.comwrote: Dear list, We have dozen of applications, mostly written in PHP and Python. They're distributed on different servers, but i'm trying to integrate them somehow. Each application has its own users. Is there a way to store all username/passwords into a single datasource and give each user, her proper permissions? Since i'm just a php-programmer, i *thought* of a MySQL database to hold these data, and then use a SOAP-Server to handle the authentication across those applications. Once a user provides her username/password, a SOAP Request will be made to a PHP-Driven Authentication Server, which handles the job to check the permissions and user's identity. It sounds slow, isn't it? Is there a better solution? How do you make authentication across a network of applications? OAuth comes to mind... -- http://blogs.linux.ie/kenguest/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php