<< Click to Display Table of Contents >>
LDAP Server |
LDAP (Lightweight Directory Access Protocol) is a manufacturer-independent protocol that allows sharing information about systems and users.
Elipse Mobile can use an LDAP server to perform user authentication. If a server is not informed, Elipse Mobile tries to find the default LDAP server on the network.
To do so, select the Settings tab, click External user authentication, and inform the name of an LDAP server in the Hostname option. Microsoft's Active Directory is an example of a service that accepts this protocol.
NOTE |
Microsoft provides a utility to configure LDAP servers, Active Directory Explorer. |
As cell phones can be on a separate network, and there is a huge variety of operating systems, including web pages, authentication is always performed by the Server and not by the Client.
This means user names and passwords are sent over a Client's network to the Server and that Server checks whether that user exists. Therefore, authentication is only performed when a Client is connected in secure mode (HTTPS).
User settings are stored in the Application, located on the Projects folder of Elipse Mobile Server's installation directory. Settings for external users are not saved and passwords from an LDAP server are never informed. For internal users of Elipse Mobile Server, a SHA1 hash for user and password is saved.
For security reasons, it is recommended that a system's general administrator user have a complex password, with a reasonable size composed by letters and numbers. This user must not be authenticated via LDAP but must use a security connection that encrypts all information. This user must also have direct access to the computer and may opt to avoid connections via Internet.