to be an alternative to the client-side protocol of X.500 (DAP). It allowed clients to connect to intermediate servers using TCP/IP networks. These intermediate servers would then connect to X.500 servers using
DSP over OSI networks. The LDAP protocol was later expanded to also replace the server side (DSP) of the X.500 protocol.
Security
The LDAP protocol uses the Simple Authentication and Security Layer (SASL) specification for identification and authentication. The SASL layer is flexible and allows other security mechanisms (such as Kerberos
or GSSAPI) to be implemented or plugged in. Since LDAP uses TCP/IP it can be transported over Secure Socket Layer (SSL) connections.
A typical LDAP session may proceed like the following:
- Client: Connects and requests access to the server; this is called the Binding operation.
- Server: Server authenticates the client and completes the binding operation.
- Client: Requests a service from the server, such as search for an entry in the directory, and presents any parameter data.
- Server: Performs service and communicates a response or a referral to another LDAP server.
- Client: Receives response and unbinds or terminates the connection and may connect to a referred server.
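The client side of the session above, as an added example that is not part of the original post: a small BER walker that labels each request (bind, search, unbind) and reports which authentication choice a bind carries, so a bind whose password crosses the wire outside an SSL connection can be flagged. Tag values follow RFC 4511, including its "simple" password bind, which this page does not cover; the DNs, the password and the sample bytes are constructed.

```python
# Added example: BER walker for client-side LDAP messages. Tag values follow RFC 4511.
OPS = {0x60: "bindRequest", 0x63: "searchRequest", 0x42: "unbindRequest"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def describe_bind(body):
    """BindRequest body: version, name (DN), then the authentication CHOICE."""
    _, _, p = read_tlv(body, 0)
    _, name, p = read_tlv(body, p)
    tag, auth, _ = read_tlv(body, p)
    if tag == 0x80:                         # simple [0]: the value is the password itself
        return {"dn": name.decode(), "auth": "simple", "secret_on_wire": len(auth) > 0}
    if tag == 0xA3:                         # sasl [3]: SEQUENCE that starts with the mechanism
        return {"dn": name.decode(), "auth": "sasl", "mechanism": read_tlv(auth, 0)[1].decode()}
    raise ValueError("unknown authentication choice")

def walk_session(stream):
    """Decode each LDAPMessage (messageID + protocolOp) in a client byte stream."""
    pos, out = 0, []
    while pos < len(stream):
        tag, ldap_msg, pos = read_tlv(stream, pos)
        if tag != 0x30:
            raise ValueError("not an LDAPMessage SEQUENCE")
        _, mid, p = read_tlv(ldap_msg, 0)
        op, body, _ = read_tlv(ldap_msg, p)
        info = describe_bind(body) if op == 0x60 else {}
        if op == 0x63:                      # SearchRequest starts with baseObject (a DN)
            info = {"base": read_tlv(body, 0)[1].decode()}
        out.append((int.from_bytes(mid, "big"), OPS.get(op, hex(op)), info))
    return out

def tlv(tag, value):                        # short-form builder for the constructed sample
    return bytes([tag, len(value)]) + value

# Constructed sample (not captured traffic): bind, search, unbind sent without SSL.
BIND = tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04, b"cn=app,dc=example,dc=com") + tlv(0x80, b"s3cret"))
SEARCH = tlv(0x63, tlv(0x04, b"dc=example,dc=com") + bytes.fromhex("0a0102 0a0100 020100 020100 010100")
             + tlv(0x87, b"objectClass") + tlv(0x30, b""))
SAMPLE = b"".join(tlv(0x30, tlv(0x02, bytes([i])) + op)
                  for i, op in enumerate([BIND, SEARCH, tlv(0x42, b"")], start=1))
```

Running `walk_session(SAMPLE)` yields the three requests in order; the bind entry has `auth` set to `simple` and `secret_on_wire` set to `True`, which is the case to alert on when the connection is not wrapped in SSL.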
Reference
http://www.collectionscanada.gc.ca/iso/ill/document/ill_directory/X_500andLDAP.pdf