Hi Pierre, no, not insurance claims :) This -> https://en.wikipedia.org/wiki/Claims-based_identity
Apologies for not being more clear. We sell a product that uses LDAP for authentication. Some of our customers use ApacheDS so we're familiar with it and its API. The claims based authentication (as I understand it from our customers) is a mechanism REST apis use to represent authentication and authorization in a stateless manner. The 'claims' are exchanged as tokens in a http header of a REST call. I'm imagining the authentication claim would map to ldap user/password and authorization claims to groups / roles. When you login to a 3rd party website with your facebook or google account, this is claims based authentication. I was just wondering if anyone had endeavored to do something like this. Many thanks! -----Original Message----- From: Pierre Smits [mailto:[email protected]] Sent: Tuesday, October 27, 2015 12:54 PM To: Apache Directory Users List Subject: Re: Claims based authentication with ApacheDS Hi Carlo, Are you referring to claims as in insurance claims? And are you talking about some kind of workflow oriented enablement (whatever that entails in your context) of persons registered in the ApacheDS, whereby DS functions as the primary source regarding authentication, authorisation, etc? Best regards, Pierre Smits *OFBiz Extensions Marketplace* http://oem.ofbizci.net/oci-2/ On Tue, Oct 27, 2015 at 4:16 PM, <[email protected]> wrote: > Hi, > > We're starting to hear our customers ask for 'claims based authentication' > with our product which back end with ApacheDS. > I've researched it a bit and it's clearly beyond the goals of an LDAP > server. > My question is, are any of you trying to implement something like > this? If so, what is the stack you're using? > What are challenges, benefits, risks? > > Thanks, > Carlo Accorsi > > > > >
