April 24th, 2004

External authentication help

I'm trying to integrate the Hopkins Weblogs LJ setup with our LDAP server. I can write the LDAP-using code (though I'm not quite sure what file to put it in), but for the LJ integration I really don't know where to start.

What I want is that users go through this process to register:

  • User clicks "Create Journal"
  • User enters his desired LiveJournal username, his existing LDAP username, and his existing LDAP password
  • The LJ system never stores his LDAP password, only the linked LDAP username
When he logs in later:
  • Username is the desired, frivolous LiveJournal nickname (This also enables multiple accounts per user, good for communities)
  • Password is the linked LDAP password

If the password he enters authenticates against the stored LDAP username, then he's logged in. Also, this would mean the Change Password feature would either never be used, or become a "Change linked LDAP username" feature.

Can someone around give me some pointers? Some sample code would be fantastic here.