(My apologies if this has been mentioned before; Googling for it turned up nothing, and I haven't finished browsing past topics. I think it got mentioned here)( Collapse )
I'm currently writing a Java servlet to browse an LDAP directory, and was wondering if there are any plans to expose the LJ user database as an LDAP-accessible directory. As mentioned in this entry, it would allow central-management of the users accessible by the code, as well IMHO accessible to various tools, apps, etc. (email MUAs, LDAP browsers).
However, I can foresee some downsides and arguments to doing this:
- This may make it easy for spammers to harvest email addresses— not quite, since the userinfo pages are already publicly accessible; as for the email addresses, you can deny viewing those attribs (and more) to anonymous LDAP binds.
- Porting to an LDAP directory from the existing DB will be tough, as well as cause downtime— Could probably be implemented as a transition system? Possibly, using a replication daemon (slurpd) to synch data between the existing system and the LDAP directory
- What attribs and objectClasses should be used?— honestly don't know.
There are some upsides, though:
SELECTto lookup info about a user.
Please correct any wrong assumptions I make with the above. Thanks.
Jan Michael Ibañez