I am looking for a schema definition and/or some examples how to most effectively to store authorization information about users:
a user can belong to one or more GROUPS,
and each GROUP has some access rights (for example some TASK_ID or something, that I can use in my program)
1) has this been implemented already
2) are there suitable standard attributes for that.
3) how do i make the whole structure,
using a relational database, just make the relationship between a user and groups, but here in LDAP, isn't that a too much work?
I've been looking in the net for information, read two books (LDAP System Administration, and Understanding and Deploying LDAP Directory Services), but I got little information on my specific problem.
I'd really appreciate your help esp. if you had experience implementing a similar thing.
Thanks!
a user can belong to one or more GROUPS,
and each GROUP has some access rights (for example some TASK_ID or something, that I can use in my program)
1) has this been implemented already
2) are there suitable standard attributes for that.
3) how do i make the whole structure,
using a relational database, just make the relationship between a user and groups, but here in LDAP, isn't that a too much work?
I've been looking in the net for information, read two books (LDAP System Administration, and Understanding and Deploying LDAP Directory Services), but I got little information on my specific problem.
I'd really appreciate your help esp. if you had experience implementing a similar thing.
Thanks!
