Version 4 (modified by 18 years ago) ( diff ) | ,
---|
LDAP and RBAC Documents
The Lightweight Directory Access Protocol (LDAP) is used by Orbit to authenticate each user's password when he or she logs into an Orbit controller or server. LDAP authentication and the proper use of Orbit user id's and passwords allows each user id to be related to a single human user. A single person may have one or more Orbit user id's. Each Orbit user id may be logged into one or more sessions, and during each session there are multiple serial or parallel computer processes initiated by the user. A process is the operation of an application program like a spreadsheet, editor or browser.
Role-Based Access Control (RBAC) will be used by Orbit to control each user's access to Orbit resources based on his or her role. To explain how RBAC will work, first some terminology. An application program or process acting on behalf of a user is referred to as a subject. An object is any resource accessible on a computer system, including peripherals, files, databases, and fields in a database. An operation is an active process invoked by the subject process much like a function call or a method invocation. A permission or privilege is the authorization to perform some action on the system. In RBAC, a permission involves the authorization to perform a given operation on a given object.
LDAP Version 2 documents
LDAPv2
RFC1777
Lightweight Directory Access Protocol
RFC1778
The String Representation of Standard Attribute Syntaxes
RFC1779
A String Representation of Distinguished Names
RFC1959
An LDAP URL format
RFC1960
A String Representation of LDAP Search Filters
RFC1823
The LDAP Application Program Interface (C language API)
RFC 2596
Use of Language Codes in LDAP
Attachments (2)
- rfc4510.txt.pdf (9.7 KB ) - added by 18 years ago.
- ANSI+INCITS+359-2004.pdf (356.3 KB ) - added by 18 years ago.
Download all attachments as: .zip