Re: [Ejbca-develop] LDAP support.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Or, maybe even better the doc/HOWTO-ldap.txt is updated (also on 
ejbca.sf.net) with this development.

/Tomas

Tomas Gustavsson wrote:

>
> Ldap is supported in a much better way in beta2, see 
> doc/RELEASE_NOTES. Herrvendil implemented profiles for publishers that 
> is configured from the admin-GUI. No need to edit ejb-jar.xml files 
> any more. You can easily configure how many publishers you like in the 
> admin-web.
>
> LDAP does not hold everything that the database does, so the database 
> is needed, there are lots of other information in the database except 
> certificates. The database is the primary store for everything and the 
> ldap can be far off even, not on the same machine. For security 
> reasons it's probably better to keep the ldap separate from the CA 
> anyhow.
> The database can hold unlimited number of certificates for every user 
> and every CA etc, something ldap is not so good at, so ldap can not 
> replace the database.
>
> Cheers,
> Tomas
>
> Developer wrote:
>
>> Is ldap supported in 3.0 beta2?  I seem to remember it being in beta 1
>> but I don't see any ldap options except in the
>> src/ca/ca/META-INF/ejb-jar.xml.
>>
>> Also, Is the database still necessary if we are using ldap for a
>> publisher?  Or what is the role of the database with ldap?
>>
>> Thanks,
>>
>> Chris
>>