wiki:Internal/Rbac/LdapResources

Version 28 (modified by (none), 19 years ago) ( diff )

Table of Contents

    1. Role-Based Access Control
    1. RBAC Reference Model
      1. Previous Work
      2. Design Issues
    1. LDAP Resources
    2. LDAP References
    1. RBAC Resources
    2. RBAC References

LDAP Resources

ORBIT uses the open-source implementation of the The Lightweight Directory Access Protocol (LDAP) from http://www.openldap.org/ OpenLDAP. Many of the ideas about using LDAP to implement RBAC on ORBIT are from this site, see also http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/guide.pdf OpenLDAP Software 2.3 Administrator's Guide. There is also an O'Reilly book: http://www.amazon.com/gp/product/1565924916/ Car03 Gerald Carter. LDAP System Administration. O'Reilly Media, Inc., Sebastopol, CA, USA, March 2003; and an IBM Redbook: http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/sg244986.pdf TEGE04 Steven Tuttle, Ami Ehlenberger, Ramakrishna Gorthi, Jay Leiserson, Richard Macbeth, Nathan Owen, Sunil Ranahandola, Michael Storrs, and Chunhui Yang. Understanding LDAP Desgn and Implementation. IBM Redbook. IBM International Technical Support Organization, ibm.com/redbooks, second edition, June 2004.

LDAP References

Most of the links for these LDAP references are to documents on the Web in Adobe Acrobat (.pdf) format.

LDAP Version 2 documents:

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1777.txt.pdf RFC1777 Lightweight Directory Access Protocol

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1778.txt.pdf RFC1778 The String Representation of Standard Attribute Syntaxes

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1779.txt.pdf RFC1779 A String Representation of Distinguished Names

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1959.txt.pdf RFC1959 An LDAP URL format

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1960.txt.pdf RFC1960 A String Representation of LDAP Search Filters

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1823.txt.pdf RFC1823 The LDAP Application Program Interface (C language API)

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2596.txt.pdf RFC2596 Use of Language Codes in LDAP

LDAP Version 3 Documents, obsoleted:

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2251.txt.pdf RFC2251 Lightweight Directory Access Protocol (v3)

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2252.txt.pdf RFC2252 LDAPv3: Attribute Syntax Definitions

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2253.txt.pdf RFC2253 LDAPv3: UTF-8 String Representation of Distinguished Names

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2254.txt.pdf RFC2254 LDAPv3: The String Representation of LDAP Search Filters

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2255.txt.pdf RFC2255 LDAPv3: The LDAP URL Format

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2256.txt.pdf RFC2256 LDAPv3: A Summary of the X.500(96) User Schema for use with LDAPv3

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2696.txt.pdf RFC2696 LDAPv3: LDAP Control Extension for Simple Paged Results Manipulation

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2829.txt.pdf RFC2829 Authentication Methods for LDAP

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2830.txt.pdf RFC2830 LDAPv3: Extension for Transport Layer Security

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc3377.txt.pdf RFC3377 LDAPv3: Technical Specification

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc3771.txt.pdf RFC3771 LDAP Intermediate Response Message

LDAP Version 3 Documents, current:

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4510.txt.pdf RFC4510 LDAP: Technical Specification Road Map

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4511.txt.pdf RFC4511 LDAP: The Protocol

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4512.txt.pdf RFC4512 LDAP: Directory Information Models

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4513.txt.pdf RFC4513 LDAP: Authentication Methods and Security Mechanisms

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4514.txt.pdf RFC4514 LDAP: String Representation of Distinguished Names

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4515.txt.pdf RFC4515 LDAP: String Representation of Search Filters

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4516.txt.pdf RFC4516 LDAP: Uniform Resource Locator

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4517.txt.pdf RFC4517 LDAP: Syntaxes and Matching Rules

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4518.txt.pdf RFC4518 LDAP: Internationalized String Preparation

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4519.txt.pdf RFC4519 LDAP: Schema for User Applications

LDAP Data Interchange Format (LDIF):

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2849.txt.pdf RFC2849 The LDAP Data Interchange Format (LDIF)

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc4525.txt.pdf RFC4525 Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension

Other LDAP Documents:

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc1274.txt.pdf RFC1274 The COSINE and Internet X.500 Schema

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2078.txt.pdf RFC2078 General Security Service Application Program Interface, Version 2 (GSSAPI)

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2079.txt.pdf RFC2079 Definition of an X.500 Attribute Type and an Object Class to Hold URIs

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2247.txt.pdf RFC2247 Using Domains in LDAP/X.500 Distinguished Names

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2293.txt.pdf RFC2293 Representing Tables and Subtrees in the X.500 Directory

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2294.txt.pdf RFC2294 Representing the O/R Address Hierarchy in the X.500 Directory Information Tree

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2307.txt.pdf RFC2307 An Approach for Using LDAP as a Network Information Service

http://ietfreport.isoc.org/idref/draft-howard-rfc2307bis/ RFC2307BIS An Approach for Using LDAP as a Network Information Service

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2377.txt.pdf RFC2377 Naming Plan for Internet Directory-Enabled Applications

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2587.txt.pdf RFC2587 Internet X.509 Public Key Infratructure LDAPv2 Schema

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2589.txt.pdf RFC2589 LDAP (v3): Extensions for Dynamic Directory Services

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2798.txt.pdf RFC2798 Information on the inetOrgPerson LDAP Object Class

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc3112.txt.pdf RFC3112 LDAP Authentication Password Schema

Simple Authentication and Security Layer (SASL) documents:

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2222.txt.pdf RFC2222 Simple Authentication and Security Layer (SASL)

ftp://ftp.rfc-editor.org/in-notes/pdfrfc/rfc2831.txt.pdf RFC2831 Using Digest Authentication as a SASL Mechanism

Note: See TracWiki for help on using the wiki.