httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Graham Leggett" <>
Subject Multiple AAA providers (was: Re: Puzzling News)
Date Wed, 02 Mar 2005 09:20:00 GMT
Jess Holle said:

> The use cases are:
>    1. multiple organizations, each with their own LDAP wish to allow
>       their personnel into a common site -- each has its own, separately
>       administered LDAP
>    2. a single organization has a read-only internal LDAP and a writable
>       LDAP for external guests -- again for a common site
> In both cases there are multiple LDAP directories which have no overlap,
> i.e. if the first LDAP does not contain the uid, then the second must be
> tried -- this is quite different then the multiple fail-over LDAP URLs
> allowed in auth_ldap and Apache 2.0's mod_auth_ldap.

The penny drops: now I understand what you mean.

This functionality would be useful for more than just LDAP: you might want
to use two different flat file databases, or maybe you want to auth
someone in LDAP and someone else in SQL.

This is really an AAA-wide question rather than an LDAP specific question.

Anyone know how difficult this would be to do in the current AAA structure?


View raw message