LDAP (Lightweight Directory Access Protocol) is a manufacturer-independent protocol that allows sharing information about systems and users.

Elipse Mobile can use an LDAP server to perform user authentication. If a server is not informed, Elipse Mobile tries to find the default LDAP server on the network.

To do so, select the Settings tab, click External user authentication, and inform the name of an LDAP server in the Hostname option. Microsoft Active Directory is an example of a service that accepts this protocol.

How Authentication Works

As cell phones can be on a separate network, and there is a huge variety of operating systems including a web page, authentication is always performed by the Server and not by the Client.

This means that user names and passwords are sent over a Client's network to the Server and that Server check whether that user exists. Therefore, authentication is only performed when a Client is connected in secure mode (HTTPS).

User settings are stored in the Application, located on the Projects folder of Elipse Mobile's installation directory. Settings for external users are not saved and passwords from an LDAP server are never informed. For internal users of Elipse Mobile, a SHA1 hash for user and password is saved.

For security reasons, it is recommended that a system's general administrator user have a complex password, with a reasonable size composed by letters and numbers. This user must not be authenticated via LDAP but must use a security connection that encrypts all information. This user must also have direct access to the computer and may opt to avoid connections via Internet.