Community & Support
Support » Module Development and Code Questions

Dual Authentication Schemes (IWA / LDAP / Internal)

Posted by mmatos on October 3, 2008 at 4:53pm

Hi everyone,

I am evaluating a variety of CMS and have some pretty specific requirements. I'm going in to a pretty significant project that will require module development, so I'm really looking for the CMS that has the most of my requirements met from the start so we can reduce development time.

Having granular privileges is one of the many reasons why I am leaning towards Drupal.

We are developing an application that is going to be accessed both internally (on our intranet) and externally. To complicate matters, the users who are going to need access will be both users on our domain (Microsoft Active Directory) and a few thousand technicians and partners (not on our domain).

Our "perfect" scenario would be one where:

Users who are on our network and logged on will be recognized (using Integrated Windows Authentication).
If they are not on our network/logged on, those who are in AD can log on using their AD credentials (LDAP) and those who are not can log on using their internal account (Drupal Internal).

An alternative perhaps could be having 2 logon forms - one for AD users and one for Non-AD users. Has anyone done this?

I appreciate any input anyone can provide!

Thanks.

Login or register to post comments Categories: ,

Comments

While I'm disappointed in

Posted by mmatos on October 6, 2008 at 2:38pm

While I'm disappointed in the lack of responses, I wanted to throw this out there for users who are in similar situations:

The LDAP Integration module (http://drupal.org/project/ldap_integration) is almost perfect for my situation above. Unfortunately the project description doesn't tell you all of the wonderful features that you'll discover as you play with the module.

It actually does support dual authentication - the module first attempts an AD lookup / logon, and if that doesn't work, it falls back to internal Drupal users. While it lacks IWA, it does everything else perfectly. I am very impressed with the module and I foresee very little to no modifications to make it do exactly what we need.

So the next reason I'm here - developers. I'll be posting in the near future in the Paid Developers forum seeking a team of developers to work on this project with us. It's an Enterprise level project and I'll be needing to get some quotes very soon.

nobody click here