[openupload-devel] Chained authentication ?
From: <wal...@no...> - 2011-04-19 17:31:02
Hi,
I'd like to set up the following authentication scheme:
1) First, the user is authenticated against the openupload internal
authentication database.
2) If the user does not exist in the database, then the user is
authenticated against an LDAP server.
This would be useful if:
1) some users (who do not belong to the company) are not present in the
LDAP directory (and for whatever reason we do not want to put them into
the directory)
2) the corporate users exist in the LDAP directory.
I've been thinking of the following implementation:
1) create a new class called 'chainedAuth' extending AuthBase
2) this class will hold references to an instance of defaultAuth (dA) and
to an instance of ldap Auth (lA)
3) calls to AuthBase functions will be forwarded to dA and/or lA
For example:
function authenticate($user, $pwd) {
    // Try the internal database (dA) first; if that fails, try LDAP (lA)
    if (!$this->dA->authenticate($user, $pwd))
        return $this->lA->authenticate($user, $pwd);
    else
        return true;
}
I'm not sure about how all AuthBase functions should be implemented
(userdel() should probably be forwarded to dA only, userInfo() to both dA
and lA, ...)
Well, I'll investigate further, and any idea or suggestion is welcome.
Regards, W.
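
An added example (not part of the original post and not OpenUpload code) of the scheme described above, in which LDAP is consulted only when the user does not exist in the internal database. The `Backend` interface, `ArrayBackend`, `ChainedAuth` and the sample accounts are hypothetical stand-ins, and the example goes slightly beyond the posted sketch by separating "user unknown" from "wrong password".

```php
<?php
// Hypothetical stand-in for the two backends; not OpenUpload's AuthBase API.
interface Backend {
    public function userExists(string $user): bool;
    public function authenticate(string $user, string $pwd): bool;
}

// In-memory backend holding constructed sample accounts as password hashes.
class ArrayBackend implements Backend {
    private array $hashes = [];
    public function __construct(array $accounts) {
        foreach ($accounts as $user => $pwd) {
            $this->hashes[$user] = password_hash($pwd, PASSWORD_DEFAULT);
        }
    }
    public function userExists(string $user): bool {
        return isset($this->hashes[$user]);
    }
    public function authenticate(string $user, string $pwd): bool {
        return $this->userExists($user)
            && password_verify($pwd, $this->hashes[$user]);
    }
}

class ChainedAuth {
    public function __construct(private Backend $dA, private Backend $lA) {}

    public function authenticate(string $user, string $pwd): bool {
        // A user known to the internal database is decided there and only there,
        // so a failed internal login never falls through to the directory.
        if ($this->dA->userExists($user)) {
            return $this->dA->authenticate($user, $pwd);
        }
        // Unknown internally: defer to the directory.
        return $this->lA->authenticate($user, $pwd);
    }
}

// Constructed sample data: "guest" exists in both stores with different passwords.
$dA = new ArrayBackend(['guest' => 'local-secret']);
$lA = new ArrayBackend(['guest' => 'dir-secret', 'alice' => 'corp-secret']);
$auth = new ChainedAuth($dA, $lA);

var_dump($auth->authenticate('guest', 'local-secret')); // internal account, internal password
var_dump($auth->authenticate('guest', 'dir-secret'));   // same name in LDAP, not consulted
var_dump($auth->authenticate('alice', 'corp-secret'));  // LDAP-only account
```

With this split, a name present in both stores maps to exactly one set of credentials, which also makes it unambiguous which backend calls such as userdel() should target.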