Authenticating and authorizing with LDAP user stores
Authentication and authorization are key aspects of building an application. Authentication is the act of identifying the user, and authorization is giving the authority to perform an action. In a larger software system, there are requirements to give different levels of access levels to different users. Different types of access controlling methods, such as Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Discretionary Access Control (DAC), are available for handling access levels. The system architect should select the most appropriate authentication method and access control method based on system requirements.
In this section, we will discuss maintaining user authentication and authorization details by using the most popular directory service, which is LDAP. Here, we have provided some tools that you can use to build an LDAP user store and how to integrate it with the Ballerina application.