Hi Nick, Thanks for the explanation. Does AAI mean Authentication Authorization Identity and SSO mean Single Sign On? As per your example of OpenLDAP + Kerberos or Radius. is Openldap used for Authentication and Kerberos or Radius server for Authorization? Please clarify.
Regards, Kaushal On Mon, 10 Aug 2015 at 17:37 Nick Milas <[email protected]> wrote: > On 10/8/2015 2:16 μμ, Kaushal Shriyan wrote: > > > I am not sure if i understand the difference between Authorization and > > Authentication. Does Openldap support both or it supports or > > configured as Authorization or Authentication server? I will > > appreciate if somebody can help me understand with some examples. > > > > > > From Wikipedia: "Authentication is the act of confirming the truth of > an attribute of a datum or entity. This might involve confirming the > identity of a person or software program, tracing the origins of an > artifact, or ensuring that a product is what its packaging and labeling > claims to be." That's how we know who an application talks to. > > From Wikipedia: "Authorization is the function of specifying access > rights to resources." After authentication we know the person, but we > still unsure whether it's supposed to access a given resource and hence > the need for authorization. > > To get to know Openldap, read: http://www.openldap.org/doc/admin24/ > > Everything depends on what you are trying to do, your project needs. > > An example for AAI services would be something like OpenLDAP + Kerberos > or Radius. Google for AAI / SSO systems. > > Best regards, > Nick >
