You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7.2

README.txt in Lightweight Directory Access Protocol (LDAP) 7.2

Same filename in this branch
  1. 7.2 ldap_feeds/README.txt
  2. 7.2 ldap_user/README.txt
  3. 7.2 ldap_authorization/README.txt
  4. 7.2 ldap_authorization/ldap_authorization_og/README.txt
  5. 7.2 ldap_help/ldap_test_script/README.txt
  6. 7.2 ldap_test/test_ldap/README.txt
Same filename and directory in other branches
  1. 8.2 ldap_authorization/README.txt
  2. 7 ldap_authorization/README.txt
Vocubulary of LDAP Authorization and its Code

----------------------
"Consumer"
----------------------
The "consumer" or entity that authorization is being granted.

Examples:  Drupal role, Organic Group group

----------------------
"Consumer Type"
----------------------
Machine ID of a consumer.  This is used in naming conventionss.

Examples:  drupal_role, og_group

----------------------
"Consumer Module"
----------------------
The module that bridges ldap_authorization and the consumer.
It needs to (1) provide a class: LdapAuthorizationConsumer<consumer_type>
and (2) implement hook_ldap_authorization_consumer.

Examples:  ldap_authorization_drupal_role


----------------------
"Authorization ID" aka "Consumer ID"
----------------------
The id of an individual authorization such as a drupal role or organic group.

Examples:  "authenticated user", "admin" (for drupal roles)
Examples:  "knitters on skates", "vacationing programmers" (og group names for organic groups)


----------------------
"Consumer Configuration"
----------------------
Configuration of how a users ldap attributes will
determine a set of Consumer ids the user should be granted.
Represented by LdapAuthorizationConsumerConf and LdapAuthorizationConsumerConfAdmin classes
and managed at /admin/config/people/ldap/authorization.  Stored in ldap_authorization database table.

---------------------
LDAP Server Configuration
---------------------
Each Consumer Configuration will use a single ldap server configuration to bind
and query ldap.  The ldap server configuration is also used to map the drupal
username to an ldap user entry.


----------------------
LDAP Authorization data storage:
---------------------

Authorization data is stored in user->data array

such as:

$user->data = array(
  'ldap_authorizations' => array(
    'og_group' => array (
      '3-2' => array (
        'date_granted' => 1329105152,
      ),
      '2-3' => array (
        'date_granted' => 1329105152,
      ),
    ),
    'drupal_role' => array (
      '7' => array (
        'date_granted' => 1329105152,
      ),
      '5' => array (
        'date_granted' => 1329105152,
      ),
    ),
  );

File

ldap_authorization/README.txt
View source 
  1. 

  2. Vocubulary of LDAP Authorization and its Code

  3. 

  4. ----------------------

  5. "Consumer"

  6. ----------------------

  7. The "consumer" or entity that authorization is being granted.

  8. 

  9. Examples:  Drupal role, Organic Group group

  10. 

  11. ----------------------

  12. "Consumer Type"

  13. ----------------------

  14. Machine ID of a consumer.  This is used in naming conventionss.

  15. 

  16. Examples:  drupal_role, og_group

  17. 

  18. ----------------------

  19. "Consumer Module"

  20. ----------------------

  21. The module that bridges ldap_authorization and the consumer.

  22. It needs to (1) provide a class: LdapAuthorizationConsumer

  23. and (2) implement hook_ldap_authorization_consumer.

  24. 

  25. Examples:  ldap_authorization_drupal_role

  26. 

  27. 

  28. ----------------------

  29. "Authorization ID" aka "Consumer ID"

  30. ----------------------

  31. The id of an individual authorization such as a drupal role or organic group.

  32. 

  33. Examples:  "authenticated user", "admin" (for drupal roles)

  34. Examples:  "knitters on skates", "vacationing programmers" (og group names for organic groups)

  35. 

  36. 

  37. ----------------------

  38. "Consumer Configuration"

  39. ----------------------

  40. Configuration of how a users ldap attributes will

  41. determine a set of Consumer ids the user should be granted.

  42. Represented by LdapAuthorizationConsumerConf and LdapAuthorizationConsumerConfAdmin classes

  43. and managed at /admin/config/people/ldap/authorization.  Stored in ldap_authorization database table.

  44. 

  45. ---------------------

  46. LDAP Server Configuration

  47. ---------------------

  48. Each Consumer Configuration will use a single ldap server configuration to bind

  49. and query ldap.  The ldap server configuration is also used to map the drupal

  50. username to an ldap user entry.

  51. 

  52. 

  53. ----------------------

  54. LDAP Authorization data storage:

  55. ---------------------

  56. 

  57. Authorization data is stored in user->data array

  58. 

  59. such as:

  60. 

  61. $user->data = array(

  62.   'ldap_authorizations' => array(

  63.     'og_group' => array (

  64.       '3-2' => array (

  65.         'date_granted' => 1329105152,

  66.       ),

  67.       '2-3' => array (

  68.         'date_granted' => 1329105152,

  69.       ),

  70.     ),

  71.     'drupal_role' => array (

  72.       '7' => array (

  73.         'date_granted' => 1329105152,

  74.       ),

  75.       '5' => array (

  76.         'date_granted' => 1329105152,

  77.       ),

  78.     ),

  79.   );