[dev] Newbie
Raphael Melo de Oliveira Bastos Sales
raphael.melo21 at gmail.com
Thu Apr 27 18:16:46 PDT 2006
Hey Ben,
On 4/27/06, Ben Chavet <ben at horde.org> wrote:
> What I had in mind was more of an administrative module. Something
> along the lines of http://www-unix.mcs.anl.gov/~gawor/ldap/ but for
> horde. Perhaps this administrative module could provide an LDAP API
> for other applications.
I understand. And I do intend to do this. But I think that designing
the API is a good way to start. Plus, it would give other developers
something to work with while I'm not done. I was thinking in starting
the API with something simple and increase it on demand. I'll put the
interface I was thinking about in the end of this e-mail.
> Something else that has come up in the past is having global LDAP
> settings, similar to how we have global SQL settings now. This is
> probably a minor thing, but it would certainly make configuring Horde
> for LDAP much easier.
Just entered my TODO list. ;)
> I certainly see a lot of potential for tying horde into LDAP more
> tightly. Permissions is the first thing that comes to mind, like
> Chuck mentioned.
>
> A better prefs driver would be nice, as the current one really
> clutters things up in the directory, IMO. If we organized it right,
> we could even do something along the lines of Group Policy Objects,
> allowing administrators to enable, disable, or override user
> preferences.
Where can I find the current one? As I said to Chuck, I'm newbie in Horde. :)
>
> I had considered implementing an ldap datatree driver at one point,
> but I'm not sure how well that would scale, since LDAP is meant to be
> more of a read-fast, write-slow data storage area. But, the data
> structure fits perfectly, so it's certainly something to think about.
Excuse my ignorance, but what is the datatree?
>
> These are some of my ideas, and if I come up with anything else, I'll
> be sure to post them.
I appreciate that :)
>
> --Ben
>
As promised, the interface I was thinking. I'm hoping to increase it
as I get a better understanding the necessities of other Horde
developers:
<?php
class HordeLDAPDriver{
function HordeLDAPDriver( $ldap_host, $base_dn, $user = "", $password ="" ){
/* Do LDAP connection and binds stuff here.
* If user and password are not set, tries anonymous bind */
}
function authenticateUser( $user, $password ){
/* Tries to authenticate an user that is in one of the
assigned groups */
}
function authenticateUserByGroup( $user, $password, $groups ){
/* Tries to authenticate an user that is in one of the
assigned groups */
}
function authenticateUserByFilter( $user, $password, $filter ){
/* Tries to authenticate an user, matching it to the given filter */
}
function get( $directory_dn ){
/* Returns the directory that matches the given DN */
}
function add( $ldap_directory ){
/* Adds an LDAP Directory. Would receive an object of
* the type LDAPDirectory. I'd still have to define it */
}
function update( $ldap_directory ){
/* Updates an LDAP Directory. Would work the same way as above */
}
function remove( $directory_dn ){
/* Deletes the directory that matches the given DN */
}
function search( $search_filter ){
/* Returns a list of directories that matches the given filter */
}
}
?>
More information about the dev
mailing list