On 10/8/2015 2:16 μμ, Kaushal Shriyan wrote:
I am not sure if i understand the difference between Authorization and Authentication. Does Openldap support both or it supports or configured as Authorization or Authentication server? I will appreciate if somebody can help me understand with some examples.
From Wikipedia: "Authentication is the act of confirming the truth of an attribute of a datum or entity. This might involve confirming the identity of a person or software program, tracing the origins of an artifact, or ensuring that a product is what its packaging and labeling claims to be." That's how we know who an application talks to.
From Wikipedia: "Authorization is the function of specifying access rights to resources." After authentication we know the person, but we still unsure whether it's supposed to access a given resource and hence the need for authorization.
To get to know Openldap, read: http://www.openldap.org/doc/admin24/
Everything depends on what you are trying to do, your project needs.
An example for AAI services would be something like OpenLDAP + Kerberos or Radius. Google for AAI / SSO systems.
Best regards, Nick