LDAP for User Authentication in Metacat
Network of LDAP servers
In the distributed network of Metacat servers, a network of LDAP servers provides distributed storage for Metacat's users. Each Metacat instance running at a particular site is configured to use a specific LDAP instance, and the two usually run on the same host. Several Metacat instances can use one LDAP instance.
The distributed scheme of LDAP servers forms a hierarchy of nodes whose leaves are the individual user entries that the Metacat servers use for authentication.
The LDAP tree starts from the root context for the Knowledge Network of Biocomplexity:
dc=ecoinformatics,dc=org
The nodes on the second level represent the subtrees of the major Metacat sites such as NCEAS, LTER, etc.:
o=NCEAS,dc=ecoinformatics,dc=org
or
o=LTER,dc=ecoinformatics,dc=org
Look at the example for the initial entries of the KNB main tree.
Definition of the KNB development group at NCEAS:
dn: cn=knb-dev,o=NCEAS,dc=ecoinformatics,dc=org
objectClass: top
objectclass: groupOfUniqueNames
cn: knb-dev
uniqueMember: uid=jones,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=bojilova,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=berkley,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=higgins,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=harris,o=NCEAS,dc=ecoinformatics,dc=org
description: KNB development group at NCEAS
Look at the example for a group entry in KNB.
Definition of a user from the NCEAS subtree:
dn: uid=bojilova,o=NCEAS,dc=ecoinformatics,dc=org
objectClass: top
objectclass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectclass: uidObject
uid: bojilova
cn: Jivka Bojilova
sn: Bojilova
givenName: Jivka Bojilova
title: Data Integration Developer
Look at the example for user entries in KNB.
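An added example (not part of the Metacat documentation): a consistency check over LDIF of the shape shown above, confirming that every uniqueMember of a groupOfUniqueNames entry names a user entry that exists and sits under the root context. The sample LDIF is constructed from the entries on this page, with a hypothetical out-of-tree member (uid=mallory) added to exercise that case; the function names are this example's own.

```python
# Added example: audit group membership in KNB-style LDIF (stdlib only).
ROOT = "dc=ecoinformatics,dc=org"  # root context given on this page

# Constructed sample: entries from this page plus one hypothetical
# out-of-tree member (uid=mallory). uid=jones has no user entry here.
SAMPLE_LDIF = """\
dn: cn=knb-dev,o=NCEAS,dc=ecoinformatics,dc=org
objectclass: groupOfUniqueNames
cn: knb-dev
uniqueMember: uid=jones,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=bojilova,o=NCEAS,dc=ecoinformatics,dc=org
uniqueMember: uid=mallory,o=Example,dc=example,dc=org

dn: uid=bojilova,o=NCEAS,dc=ecoinformatics,dc=org
objectClass: inetOrgPerson
uid: bojilova
"""

def normalize_dn(dn):
    """Lower-case a simple DN and trim its RDNs (no escaped commas handled)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Parse plain 'attr: value' LDIF (no base64 or folded lines) by DN."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            entries[normalize_dn(attrs["dn"][0])] = attrs
    return entries

def audit_groups(entries, root=ROOT):
    """Split each group's members into ok / dangling / outside_root."""
    report, suffix = {}, "," + normalize_dn(root)
    for dn, attrs in entries.items():
        classes = [v.lower() for v in attrs.get("objectclass", [])]
        if "groupofuniquenames" not in classes:
            continue
        result = {"ok": [], "dangling": [], "outside_root": []}
        for member in map(normalize_dn, attrs.get("uniquemember", [])):
            key = ("outside_root" if not member.endswith(suffix)
                   else "ok" if member in entries else "dangling")
            result[key].append(member)
        report[dn] = result
    return report

if __name__ == "__main__":
    print(audit_groups(parse_ldif(SAMPLE_LDIF)))
```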