Michael Bacon schrieb am Tue, Mar 05, 2002 at 09:50:34PM -0500: > Don't. LDAP isn't designed for authentication, and isn't particularly good > at it. It's a nice standby if you don't have the time to set up a real > authentication service like kerberos or something else that was designed > for it, but if you're not already there, don't go there.
I think this issue is a wholly "it depends". LDAP is very fine when you want a centralized, easy to manage user database to authenticate against and you don't need special features with that. If needed, you can secure the communi- cation via SSL. Setting up things like kerberos is waaay to complicated for many situations. Calling it the "real" authentication service is therefore of no use in this context. Regards, Birger
