Thursday, December 4, 2008

LDAP Authentication

One of the requirements of remote authentication is to support user authentication against LDAP. Basic LDAP authentication (often called the "bind, search, bind" pattern) is a simple procedure that follows these 3 steps:

1. LDAP Bind: First the client authenticates itself to the LDAP server. This requires that the client know a bind DN and its password. That account should be a dedicated service account with read access to the user subtree, not the directory's rootDN (the OpenLDAP administrator account), because its credentials have to live in the client's configuration; some directories also allow the lookup in the next step under an anonymous bind. A simple bind sends the password in the clear, so the connection should use LDAPS or StartTLS. This step establishes trust between the LDAP client and the LDAP server and paves the way for user authentication.

2. LDAP search for the user name: Next the client searches the LDAP server for the user name (for example with the filter (uid=<name>) under the user base DN) to determine whether the user exists and, just as importantly, to obtain the user's full DN, which the final step needs. The user-supplied name must be escaped before it is placed in the filter so that characters such as * or ( cannot change the meaning of the query. If exactly one entry is found the client proceeds with the real user authentication; if none (or more than one) is found, the authentication request is denied at this step.

3. LDAP authentication: In this final step the client sends another LDAP Bind request, this time with the DN found in step 2 and the password taken from user input. If the DN and password match on the LDAP server, authentication is successfully completed. One caveat: the client must refuse an empty password before attempting this bind, because many servers treat a bind with a DN and no password as an unauthenticated (anonymous) bind that succeeds without proving anything.
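
The three steps above, written out as an added example (not code from the original post). It runs offline against a constructed in-memory stand-in for the directory: the DNs, the uid values, the service account cn=authsvc and every password are made up for this example, and the stand-in deliberately mimics one real-server behaviour, accepting a bind with an empty password as an unauthenticated bind, so that the empty-password check and the filter escaping can both be seen to matter.

```python
import re


class LdapError(Exception):
    """Raised for protocol-level failures (service bind failed, unsupported filter)."""


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied value for use inside an LDAP search filter.

    RFC 4515 section 3 requires '*', '(', ')', '\\' and NUL to be written as a
    backslash plus two hex digits; escaping every non-printable or non-ASCII
    byte the same way is also permitted and keeps the rule simple.
    """
    out = []
    for byte in value.encode("utf-8"):
        if byte in b"*()\\\x00" or byte < 0x20 or byte > 0x7E:
            out.append("\\%02x" % byte)
        else:
            out.append(chr(byte))
    return "".join(out)


def _assertion_to_regex(assertion: str) -> "re.Pattern[str]":
    """Read the right-hand side of (attr=...) the way a server would:
    an unescaped '*' is a wildcard, '\\XX' is one literal byte."""
    segments, current, i = [], bytearray(), 0
    while i < len(assertion):
        if assertion[i] == "\\":
            if i + 3 > len(assertion):
                raise LdapError("malformed escape in filter")
            current.append(int(assertion[i + 1:i + 3], 16))
            i += 3
        elif assertion[i] == "*":
            segments.append(bytes(current))
            current = bytearray()
            i += 1
        else:
            current.extend(assertion[i].encode("utf-8"))
            i += 1
    segments.append(bytes(current))
    return re.compile(".*".join(re.escape(s.decode("utf-8")) for s in segments), re.DOTALL)


class FakeLdapServer:
    """Constructed in-memory stand-in for a directory server, not a real LDAP
    implementation. It supports simple bind and a single (attr=value) filter and,
    like many real servers, treats a bind with an empty password as an
    unauthenticated bind that succeeds (RFC 4513 section 5.1.2)."""

    def __init__(self, entries):
        self.entries = entries

    def bind(self, dn: str, password: str) -> bool:
        if password == "":
            return True  # unauthenticated bind: "succeeds" without proving identity
        entry = self.entries.get(dn)
        return entry is not None and entry.get("userPassword") == password

    def search(self, base_dn: str, ldap_filter: str) -> list:
        """Return the DNs under base_dn whose attribute matches the filter."""
        m = re.fullmatch(r"\(([A-Za-z]+)=(.*)\)", ldap_filter, re.DOTALL)
        if not m:
            raise LdapError("unsupported filter: %s" % ldap_filter)
        attr, pattern = m.group(1), _assertion_to_regex(m.group(2))
        return [dn for dn, attrs in self.entries.items()
                if dn.endswith(base_dn) and attr in attrs and pattern.fullmatch(attrs[attr])]


# Constructed sample directory; every DN, uid and password here is made up.
FAKE_DIRECTORY = {
    "cn=authsvc,ou=services,dc=example,dc=com": {"userPassword": "svc-secret"},
    "uid=alice,ou=people,dc=example,dc=com": {"uid": "alice", "userPassword": "alice-pw"},
    "uid=bob,ou=people,dc=example,dc=com": {"uid": "bob", "userPassword": "bob-pw"},
}


def authenticate_user(server, base_dn, service_dn, service_password, username, password) -> bool:
    """Bind as the service account, find the user's DN, bind as the user."""
    # Reject an empty password before any bind: otherwise step 3 would be an
    # anonymous bind that the server reports as a success.
    if password == "":
        return False
    # Step 1: bind with the service account (a limited bind DN, not the rootDN).
    if not server.bind(service_dn, service_password):
        raise LdapError("service bind failed: check the bind DN and password")
    # Step 2: search for the user; the name is escaped so it cannot alter the filter.
    matches = server.search(base_dn, "(uid=%s)" % escape_filter_value(username))
    if len(matches) != 1:
        return False  # unknown (0) or ambiguous (>1): refuse rather than guess
    # Step 3: bind as the DN found in step 2 with the user's own password.
    return server.bind(matches[0], password)


if __name__ == "__main__":
    server = FakeLdapServer(FAKE_DIRECTORY)
    base, svc = "ou=people,dc=example,dc=com", "cn=authsvc,ou=services,dc=example,dc=com"
    for user, pw in [("alice", "alice-pw"), ("alice", "wrong"), ("alice", ""), ("*", "alice-pw")]:
        print("%-6r %-10r -> %s" % (user, pw, authenticate_user(server, base, svc, "svc-secret", user, pw)))
```

With a real directory the FakeLdapServer is replaced by a client such as python-ldap or ldap3 making the same three calls (bind, search, bind); both libraries ship an escape_filter_chars helper that does what escape_filter_value does here, and the connection should be opened over LDAPS or StartTLS since every bind carries a password.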
