4.2.5. LDAP Authentication

Lightweight Directory Access Protocol (LDAP) is a protocol used to locate the following resources on a computer network:

Authentication to these resources can also be configured. LDAP can be used over a private network or a public one such as the Internet. It can be considered a version of DAP (Directory Access Protocol) with a reduced feature set. There are currently multiple commercial and open source products utilizing LDAP.

The current implementation (LDAPv3) has been developed by the Internet Engineering Task Force. The IETF web site describes the organization as follows: “The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.” [10]. LDAPv3 was released in 1997. Efforts to improve and develop the protocol remain strong.

On the Morning LAN (Local Area Network), user information is stored on a Microsoft Windows Active Directory server. The stored data is used to give users access to the network domain, fileserver directories and Microsoft Outlook e-mail accounts. The Active Directory server is not accessible from the Internet (shown in Figure 4).

Figure 4 – Basic network structure

PHP has had native support for LDAP databases since version 3.0. There are functions for connecting, performing queries and processing result sets. These ready-made functions enable simple development of LDAP-aware web applications using PHP.

LDAP authentication in PHP applications had already been used at Morning. This meant the existing authentication module could be used to add LDAP authentication to Marmalade. At first, the module will only authenticate users, but not allow any personalization. With the LDAP authentication module in place, it will be convenient to add such features in the future.
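
The connect, query and result-set functions mentioned above can be combined into a bind-based login check against an Active Directory server. This is an added example, not Morning's existing authentication module or code from this document. The host name, base DN, UPN suffix and the function name `ldap_authenticate` are hypothetical, and it assumes the directory server accepts StartTLS.

```php
<?php
// Added example. Host, base DN and UPN suffix are placeholders (assumptions).
const LDAP_URI    = 'ldap://dc.example.internal';
const LDAP_BASEDN = 'DC=example,DC=internal';
const UPN_SUFFIX  = '@example.internal';

/**
 * Authenticate a user by binding to the directory with their own credentials.
 * Returns the user's entry (cn, mail) on success, false otherwise.
 */
function ldap_authenticate(string $username, string $password)
{
    // A bind with a name but an empty password can be accepted by the server
    // as an "unauthenticated bind", so it must never count as a login.
    if ($username === '' || $password === '') {
        return false;
    }
    // Restrict the login name to a conservative character set before use.
    if (!preg_match('/^[A-Za-z0-9._-]{1,64}$/', $username)) {
        return false;
    }

    $ds = ldap_connect(LDAP_URI);   // prepares the handle, no traffic yet
    if ($ds === false) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // LDAPv3
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);        // usual for AD searches

    // A simple bind sends the password in clear text, so encrypt first.
    if (!@ldap_start_tls($ds)) {
        ldap_unbind($ds);
        return false;
    }
    // The directory verifies the password; failure means bad credentials.
    if (!@ldap_bind($ds, $username . UPN_SUFFIX, $password)) {
        ldap_unbind($ds);
        return false;
    }

    // Query: escape the value for filter context even though it was validated.
    $filter = '(sAMAccountName=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER) . ')';
    $result = ldap_search($ds, LDAP_BASEDN, $filter, ['cn', 'mail']);

    // Process the result set: exactly one entry must match.
    $entries = $result ? ldap_get_entries($ds, $result) : ['count' => 0];
    ldap_unbind($ds);

    return $entries['count'] === 1 ? $entries[0] : false;
}
```

Because the bind is performed with the user's own credentials, the web application never stores or compares passwords itself; the returned `cn` and `mail` attributes are what a later personalization feature could build on.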