LDAP (Lightweight Directory Access Protocol) Integration
Feature Request Summary:
User authentication method in Oracle database integrated with LDAP
Functional Area / Module:
Centralized User Management
Description/Use Cases:
Centralized Authentication: LDAP authentication allows multiple systems and applications to use a single repository of authentication information. This makes user management easier because all credentials are stored in a single location.
Security: Centralized authentication through LDAP improves security by allowing uniform application of password policies and making it easier to detect suspicious activity. In addition, many LDAP implementations support secure protocols such as TLS.
Business impact of limitation or missing of the feature:
The absence of LDAP (Lightweight Directory Access Protocol) integration can bring a series of challenges and negative impacts to businesses. Here are some of the main points:
- Complex User Management: Without LDAP integration, each system and application will have its own authentication and authorization mechanism, resulting in the need to maintain multiple user databases. This can be confusing and prone to errors, increasing the workload for administrators.
- Low Operational Efficiency: Users need to memorize and manage multiple credentials to access different systems, which can lead to an increase in password reset requests and loss of productive time.
- Weakened Security: The lack of centralization can make it difficult to apply consistent security policies, such as strong password requirements, multi-factor authentication, and suspicious activity detection. This can increase the risk of security breaches.
- Decentralized Administration: System administrators will need to configure and manage user accounts on multiple platforms, which is not only time-consuming but also increases the risk of inconsistencies and human errors.
- Compliance Challenges: Maintaining compliance with security and privacy regulations can be more complicated when authentication data is spread across various systems. Auditing and monitoring access become less efficient and more costly.
Other necessary information or resources:
It is required to use LDAP to ensure the data can transit cyphered.
It is desired for the LDAP service to be used not only for user authentication, but also as an authorization mechanism. The authorization can be implemented based on the user’s membership in a Security Group, such as "App_ConnectMaster" group.
It is also desirable for the application to log both successful and failed access attempts. The log must contain the username, IP, hostname and result.
Best Regards.
Ribeiro.
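A sketch of the group-based authorization and access logging requested above, added here as an example (not part of the original post and not ConnectMaster code). It assumes the LDAP bind and the `memberOf` lookup were already done over TLS; the function names, result strings and the extra `time` field are hypothetical.

```python
import json
import re
from datetime import datetime, timezone

REQUIRED_GROUP = "App_ConnectMaster"  # group named in the request

def group_cns(member_of):
    """Lower-cased CN of the leading RDN of each group DN."""
    cns = set()
    for dn in member_of:
        # Keep only the first RDN: split on the first comma not escaped as "\,".
        first_rdn = re.split(r"(?<!\\),", dn, maxsplit=1)[0]
        attr, sep, value = first_rdn.partition("=")
        if sep and attr.strip().lower() == "cn":
            cns.add(value.strip().replace("\\,", ",").lower())
    return cns

def audit_record(username, ip, hostname, result):
    """One JSON line; JSON escaping keeps a crafted username on a single line."""
    return json.dumps({
        "time": datetime.now(timezone.utc).isoformat(),  # added field (assumption)
        "username": username,
        "ip": ip,
        "hostname": hostname,
        "result": result,
    }, sort_keys=True)

def authorize(username, ip, hostname, bind_ok, member_of):
    """bind_ok and member_of are assumed to come from an LDAP bind and lookup over TLS."""
    if not bind_ok:
        result = "FAILED_AUTHENTICATION"
    elif REQUIRED_GROUP.lower() not in group_cns(member_of):
        result = "DENIED_NOT_IN_GROUP"
    else:
        result = "SUCCESS"
    # Every attempt is logged, whether it succeeds or fails.
    return result == "SUCCESS", audit_record(username, ip, hostname, result)

if __name__ == "__main__":
    # Constructed sample attempts; example.test names and addresses are placeholders.
    member = ["CN=App_ConnectMaster,OU=Groups,DC=example,DC=test"]
    lookalike = ["CN=Users,OU=App_ConnectMaster,DC=example,DC=test"]
    print(authorize("user1", "192.0.2.10", "ws01.example.test", True, member)[1])
    print(authorize("user2", "192.0.2.11", "ws02.example.test", True, lookalike)[1])
    print(authorize("user3", "192.0.2.12", "ws03.example.test", False, [])[1])
```

Matching on the leading CN rather than on a substring of the DN keeps an OU or a similarly named group from granting access.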
-
We have a current project that is looking at security using external identity providers for different ConnectMaster components and applications which will be released later in the year and support a number of API protocols. Using Oracle Database security converged with this is on the Roadmap and will follow after the first phase.
1 -
Upvoted
We have the same requirement from the customer already on this topic.
0