Using LDAP for User Authentication

We at RemObjects Software have been using LDAP for centralizing the authentication for all our different projects, like our issue tracker, internal websites, calendar and Jabber, and it’s been working very well. However, for .NET there’s only one library that can be used on both Mono & .NET to talk to an LDAP server, namely Novell.Directory.Ldap.

While this library supports all the features one could want out of an LDAP implementation, it had some issues with records not arriving when talking to an OpenLDAP server, so what we did is write our own, as part of InternetPack. It’s a simple LDAP client implementation but offers everything required for searching records and authenticating and supports both LDAPS and StartTLS over LDAP.

Simplifying the process

Included with the new LDAP classes is a wrapper that, given a few properties, handles the following:

  • Find a user by name, not by its full LDAP distinguished name
  • Validate the user’s credentials
  • Return the list of groups this user is a member of
  • Return all available info about the user by returning its user record

We’re using this new class internally already and it works very well, but any comments on it would be appreciated. For those that are new to Internet Pack: it’s free.
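The steps listed above are the usual search-then-bind sequence, and two details in it matter for security: the login name has to be escaped before it goes into a search filter, and an empty password has to be rejected before the bind. The following is an added example, not RemObjects code and not the Internet Pack API; it uses Microsoft's System.DirectoryServices.Protocols, and the host name, base DNs, service account, `uid` login attribute and `member`-based groups are assumptions.

```csharp
using System.Collections.Generic;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;
static class LdapLoginExample
{
    // Assumed layout (placeholders): users keyed by uid, groups listing members by DN.
    const string Host = "ldap.example.com";
    const string UserBase = "ou=people,dc=example,dc=com";
    const string GroupBase = "ou=groups,dc=example,dc=com";
    // RFC 4515 escaping, so a login name cannot change the shape of the search filter.
    static string Escape(string value)
    {
        var sb = new StringBuilder();
        foreach (byte b in Encoding.UTF8.GetBytes(value))
            sb.Append(b < 0x80 && "*()\\\0".IndexOf((char)b) < 0 ? ((char)b).ToString() : "\\" + b.ToString("x2"));
        return sb.ToString();
    }
    static LdapConnection Connect(NetworkCredential cred)
    {
        var conn = new LdapConnection(new LdapDirectoryIdentifier(Host, 636));
        conn.SessionOptions.ProtocolVersion = 3;
        conn.SessionOptions.SecureSocketLayer = true; // LDAPS: a simple bind sends the password itself
        conn.AuthType = AuthType.Basic;
        try { conn.Bind(cred); return conn; } catch { conn.Dispose(); throw; }
    }
    static List<string> SearchDns(LdapConnection conn, string baseDn, string filter)
    {
        // "1.1" asks the server to return no attributes; only the entry DNs are needed here.
        var res = (SearchResponse)conn.SendRequest(new SearchRequest(baseDn, filter, SearchScope.Subtree, "1.1"));
        var dns = new List<string>();
        foreach (SearchResultEntry e in res.Entries) dns.Add(e.DistinguishedName);
        return dns;
    }
    // Returns the DNs of the user's groups, or null when the login is rejected.
    public static List<string> Authenticate(NetworkCredential service, string user, string password)
    {
        // A simple bind with an empty password is an "unauthenticated" bind that servers may accept.
        if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(password)) return null;
        List<string> matches;
        using (var conn = Connect(service))
            matches = SearchDns(conn, UserBase, "(uid=" + Escape(user) + ")");
        if (matches.Count != 1) return null; // unknown or ambiguous name
        try
        {
            using (var conn = Connect(new NetworkCredential(matches[0], password)))
                return SearchDns(conn, GroupBase, "(member=" + Escape(matches[0]) + ")");
        }
        catch (LdapException ex) when (ex.ErrorCode == 49) { return null; } // 49 = invalidCredentials
    }
}
```

Only result code 49 is treated as a failed login; any other LDAP error propagates, so an unreachable server is not mistaken for a wrong password.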

Carlo Kok
