[imp] ldap

Rick Stevens rstevens@publichost.com
Wed, 06 Dec 2000 11:52:13 -0800


John C. Amodeo wrote:

> Ok, ok...
> 
> There seem to be enough problems with ldap not to use it for session management -
> but now I have a problem.  What I am trying to do is create a scalable e-mail
> system that will handle a few hundred users, and use ldap for user
> authentication.  I have read various how-to's on creating scalable web mail
> solutions using the horde software, etc..
> 
> Here is my question - if I use, for instance, shared memory for the php session
> management (optimized for speed), can I still use ldap to store the users'
> signature files and address books?  I think it would be rather complicated to set
> up a system that uses shared memory or sql for session management, uses sql for
> user data, and uses an ldap directory for authentication.  Doesn't this sound a
> little ridiculous?  I am trying to stay away from using sql for session management
> for scalability issues as well as speed.
> 
> Does anyone have any suggestions?

Actually, that's just what we do.  The user is authenticated from LDAP,
but the address books and session management are done via SQL.  We made
some changes to the IMP/Horde code for logins.  For IMP, the login is
actually handled by the IMAP server, and our IMAP servers use LDAP
authentication.

We do virtual web hosting and virtual mail hosting, so we require the
username to be "user@domain".  Our changes to Horde/IMAP look at the
user name.  If it sees the "@domain" part, it uses that.  If it doesn't
see the "@domain" part, we pull it off the URL used to get to the IMP
service (e.g. URL is "http://webmail.someweirddomain.com", so we grab
the "someweirddomain.com" portion and tack that onto the username
given).

It works well.  Our environment is 1 SQL server, 1 LDAP server
(replicated), and two load-balanced web/IMP/IMAP servers.  If we need
more OOMPH!, we add another web/IMP/IMAP server to the load balancer.
We use Alteon load balancers, by the way, not some DNS round-robin
thing.

----------------------------------------------------------------------
- Rick Stevens, CTO, PublicHost, Inc.        rstevens@publichost.com -
- 949-743-2010 (Voice)                     http://www.publichost.com -
-                                                                    -
-      The moving cursor writes, and having written, blinks on.      -
----------------------------------------------------------------------
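
The username qualification described in the message above, as an added PHP example that is not PublicHost's or Horde's code: the Host header is client-supplied, so a domain derived from it is accepted only when it is on a list of hosted domains. The function names, the `webmail.` prefix rule and the domain list are assumptions made for illustration.

```php
<?php
// Added example. All names and data here are hypothetical, not from Horde/IMP.

// Constructed sample data: mail domains this installation hosts.
const HOSTED_DOMAINS = ['someweirddomain.com', 'example.org'];

// Map a Host header to a mail domain: lowercase, drop port and trailing dot,
// strip an assumed "webmail." prefix. Returns null for unknown domains.
function domain_from_host(string $host): ?string
{
    $host = strtolower(trim($host));
    $host = preg_replace('/:\d+\z/', '', $host);
    $host = rtrim($host, '.');
    if (strncmp($host, 'webmail.', 8) === 0) {
        $host = substr($host, 8);
    }
    return in_array($host, HOSTED_DOMAINS, true) ? $host : null;
}

// Build the "user@domain" login. An explicit "@domain" wins; otherwise the
// domain is taken from the Host header. Returns null when the login is rejected.
function qualify_login(string $username, string $hostHeader): ?string
{
    $parts = explode('@', strtolower(trim($username)));
    if (count($parts) === 2) {
        [$local, $domain] = $parts;
    } elseif (count($parts) === 1) {
        $local  = $parts[0];
        $domain = domain_from_host($hostHeader);
    } else {
        return null; // more than one "@"
    }
    // A conservative local-part charset keeps LDAP filter metacharacters
    // such as "*", "(", ")" and "\" out of the value passed to the directory.
    if (!preg_match('/^[a-z0-9._-]{1,64}\z/', $local)) {
        return null;
    }
    // Explicit and derived domains must both be hosted here.
    if (!in_array($domain, HOSTED_DOMAINS, true)) {
        return null;
    }
    return $local . '@' . $domain;
}

// Constructed inputs: bare user, explicit domain, forged Host, filter characters.
var_dump(qualify_login('alice', 'webmail.someweirddomain.com:443'));
var_dump(qualify_login('Bob@example.org', 'webmail.someweirddomain.com'));
var_dump(qualify_login('alice', 'webmail.not-hosted.test'));
var_dump(qualify_login('al*)(uid=*', 'webmail.example.org'));
```

The first two calls yield a qualified login and the last two are rejected, so a request with an unrecognised Host header or a username carrying filter characters never reaches the LDAP bind.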