Re: [PHP] Centralizled Authentication

2010-12-02 Thread Per Jessen
AmirBehzad Eslami wrote:

 Dear list,
 
 We have dozen of applications, mostly written in PHP and Python.
 They're distributed on different servers, but i'm trying to integrate
 them somehow.
 
 Each application has its own users.
 Is there a way to store all username/passwords into a single
 datasource and give each user, her proper permissions?
 
 Since i'm just a php-programmer, i *thought* of a MySQL database to
 hold these data, and then use a SOAP-Server to handle the
 authentication across those applications.
 
 Once a user provides her username/password, a SOAP Request will be
 made to a PHP-Driven Authentication Server, which handles the job to
 check the permissions and user's identity.
 
 It sounds slow, isn't it? Is there a better solution?
 How do you make authentication across a network of applications?

Central directory service accessed with LDAP.  Typical examples include
Microsofts Active Directory, Novells eDirectory and openLDAP. 



-- 
Per Jessen, Zürich (-1.4°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Centralizled Authentication

2010-12-02 Thread AmirBehzad Eslami
Suppose you're running phpBB with another php-driven application.
phpBB has a user table where the username/password/email/.. of each user
is stored at mysql. Once a user logs-in to the website, the Last Login
timestamp updates
on the users table at mysql.

How do I use LDAP in this type of application?

1) Move entire records of Users and their attributes (e.g.
last_login_time) to LDAP server?
In this mehtod, after each successfull login request, I also need to update
the related record on LDAP.

2)  Should I use LDAP to store only the username and passwords?
In this method, I need to update the record on MySQL database, but I should
keep the MySQL
and LDAP syncronized, since a user may want to change her password.

What do you think guys? Please let me know.


Re: [PHP] Centralizled Authentication

2010-12-02 Thread Per Jessen
AmirBehzad Eslami wrote:

 Suppose you're running phpBB with another php-driven application.
 phpBB has a user table where the username/password/email/.. of each
 user is stored at mysql. Once a user logs-in to the website, the Last
 Login timestamp updates on the users table at mysql.
 
 How do I use LDAP in this type of application?
 
 1) Move entire records of Users and their attributes (e.g.
 last_login_time) to LDAP server?
 In this mehtod, after each successfull login request, I also need to
 update the related record on LDAP.
 2)  Should I use LDAP to store only the username and passwords?
 In this method, I need to update the record on MySQL database, but I
 should keep the MySQL and LDAP syncronized, since a user may want to
 change her password. 

LDAP is only the access method, you can store the information whichever
way you want.  mysql is probably not a bad idea.



-- 
Per Jessen, Zürich (-0.9°C)


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Centralizled Authentication

2010-12-02 Thread Ken Guest
On Thu, Dec 2, 2010 at 8:06 AM, AmirBehzad Eslami
behzad.esl...@gmail.comwrote:

 Dear list,

 We have dozen of applications, mostly written in PHP and Python.
 They're distributed on different servers, but i'm trying to integrate them
 somehow.

 Each application has its own users.
 Is there a way to store all username/passwords into a single datasource
 and give each user, her proper permissions?

 Since i'm just a php-programmer, i *thought* of a MySQL database to
 hold these data, and then use a SOAP-Server to handle the authentication
 across those applications.

 Once a user provides her username/password, a SOAP Request will be
 made to a PHP-Driven Authentication Server, which handles the job to
 check the permissions and user's identity.

 It sounds slow, isn't it? Is there a better solution?
 How do you make authentication across a network of applications?



OAuth comes to mind...


-- 
http://blogs.linux.ie/kenguest/


Re: [PHP] Centralizled Authentication

2010-12-02 Thread Bostjan Skufca
Or OpenID.

b.


On 2 December 2010 11:48, Ken Guest k...@linux.ie wrote:
 On Thu, Dec 2, 2010 at 8:06 AM, AmirBehzad Eslami
 behzad.esl...@gmail.comwrote:

 Dear list,

 We have dozen of applications, mostly written in PHP and Python.
 They're distributed on different servers, but i'm trying to integrate them
 somehow.

 Each application has its own users.
 Is there a way to store all username/passwords into a single datasource
 and give each user, her proper permissions?

 Since i'm just a php-programmer, i *thought* of a MySQL database to
 hold these data, and then use a SOAP-Server to handle the authentication
 across those applications.

 Once a user provides her username/password, a SOAP Request will be
 made to a PHP-Driven Authentication Server, which handles the job to
 check the permissions and user's identity.

 It sounds slow, isn't it? Is there a better solution?
 How do you make authentication across a network of applications?



 OAuth comes to mind...


 --
 http://blogs.linux.ie/kenguest/


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php