[CalendarServer-users] LDAP authentication

[David Reid]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Julien,

On May 9, 2007, at 9:40 AM, Julien Chevalier wrote:
> I'm now interested in pluging the server to an existing ldap  
> directory in order to authenticate the users. According to the  
> wiki, OpenDirectoryService is the thing I should use. Is this  
> DirectoryService somehow crossplatform ? How can it be configured  
> to connect to the existing ldap directory, have you any doc about  
> that ?

Unfortunately it is not cross platform, it uses the Directory  
Services/Open Directory API provided by Apple.  A pure LDAP  
DirectoryService is on my todo list (using ldaptor[0])  But there are  
design issues blocking that work and I don't have the time to sort it  
all out right now.

I'm sorry that we don't just have something ready for you.  It should  
be possible to use python-ldap[1] without any design changes to the  
twistedcaldav.directory APIs however python-ldap is not an  
asynchronous API so it's performance in our twisted server may be  
suboptimal and require the use of a caching mechanism similar to  
OpenDirectoryService's.

Footnotes:
[0] http://www.inoi.fi/open/trac/ldaptor/
[1] http://python-ldap.sourceforge.net/

- -David

P.S. If anyone feels incredibly motivated to pursue any course of  
action along the lines of implementing some sort of LDAP Directory  
Service I'm sure it would be welcome.

"Usually the protocol is this: I appoint someone for a task,
which they are not qualified to do.  Then, they have to fight
a bear if they don't want to do it." -- Glyph Lefkowitz


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFGQgQOrsrO6aeULcgRAqDHAJwO+gSuKWEuQK8IuWkVtbpoUVpJMACfbPVo
CkYwpwdkePBBqqVitXmyRz8=
=ZeGO
-----END PGP SIGNATURE-----