Apache: Authentication and authorization against an LDAP server

mod_psldap is an Apache module for leveraging LDAP services built on the OpenLDAP library and the Apache APIs, to include web based A&A, web based updates to the LDAP store, server-side XSLT processing, and session management across servers.

Features

• Functions against a secure LDAP server
• Does not require administrative access to the LDAP server
• LDAP connection configurations can be set within a base URL
• Multiple LDAP servers can be utilized for authentication
• Management of search scope for identifying user to authenticate
• Configurable user, group, and password attribute selection
• Allows password comparison in the module or in the LDAP server
• Kerberos authentication to the LDAP server
• Identifies group membership based on an attribute value in the LDAP record
• Leverages LDAP based groups for authentication
• Is capable of cookie based authentication
• Caches authentication results to avoid excessive LDAP related traffic
• Integration of user account maintenance
• Web based directory lookups
• Improved look and feel with card based, tabular, and editable views of LDAP records
• Tree based browse mechanism
• VCF export capability
• Handheld device support
• Support for browsers that do not perform XSLT.