Image of an arrow

Lemon LDAP::NG, Villeurbanne’s authentication system choice

Avatar

admin_sflinux

The city of Villeurbanne (France) is interested in open source technologies and has chosen Lemon LDAP::NG to control its users’ access rights.

The city of Villeurbanne had many web applications where the authentication was already delegated to a central CAS server (Central Authentication Services), modified to Villeurbanne’s needs, to give access to current internal users in the Active Directory as well as to external users stored in a database.
By adding new applications to the city’s information system (IS), it became necessary for the IS managers required the need to control access rights in order to ensure that certain users will not access confidential information.

A solution proven to respond to the «unique authentication» issues of the city of Villeurbanne

Having searched for an appropriate authentication system and having consulted experts about different possibilities and the pros and cons of different systems, the town’IS makers’ decision was drawn to LemonLDAP::NG as a unique authentication system.
LemonLDAP::NG is a unique authentication software identity manager distributed under the GPL license and adapted to companies (centralized authorization management, interoperability with all the identity exchange protocols such as CAS, OpenID, Connect, SAML,…). With a very simple installation process, the configuration can be done in text or graphic mode. LemonLDAP::NG is generally compatible with a number of web applications.
«Within the scopeof this Intranet project, composed of open-source bricks, we were looking for a unique authentication tool which allows to assign access rights based on active directory account characteristics, explains Jean-Patrick Trauet, Tehchnical and Security Manager. After analyzing different solutions, we chose Lemon::LDAP which responded perfectly to our needs.
It also became an opportunity to create an authentication portal for our web applications. In the future, we envision to evolve our Lemon::LDPA towards strong authentication.»

«After analysis different solutions, we chose Lemon::LDAP which responded perfectly to our needs. It also became an opportunity to create an authentication portal for our web applications»
Jean-Patrick Trauet, Technical and Security Manager


A project lead by Savoir-faire Linux
The city of Villeurbanne asked Savoir-faire Linux to accompany them in the implementation of LemonLDAP::NG.To help them more effectively, we had to break the project down into several phases.

  • The implementation of an OpenLDAP directory to replace the referential external identity database
  • The creation of connectors to automatically synchronize the accounts and Active Directory groups in the OpenLDAP directory
  • The management of group rights in OpenLDAP associating internal and external users
  • The implementation of LemonLDAP::NG as a CAS server to replace the old system and personalize the authentication pattern
  • The migration of applications towards the new CAS server

The new authentication portal

 

The main benefits for the city of Villeurbanne

The city of Villeurbanne now has at its disposal a central identification (internal and external) directory and a WebSSO tool and access control. The possibility of using LemonLDAP::NG as a CAS server, but also as a supplier of headers, SAML, or OpenID Connect, allows to connect a large scope of applications.

Key data

  • Number of users impacted : approximately 1000 users
  • Number of project management days : 10 days
  • Number of concerned applications : between 5 and 10
  • Technologies used : OpenLDAP, LSC and LemonLDAP::NG , EZPublish, Alfresco, iTop, Piwik, Orchestra, développements internes en PHP

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Similar articles

Image of an arrow

The LDAPCon is an international conference on LDAP technology and the issues such as identity management, authentication and empowerment. LDAPCon is a biennial event and this year it will take place from 19 to 20 October in iconic city of Brussels, the capital of Belgium, where the business of the European Union and NATO is run. In the […]

Avatar
19 Sep. 2017 Reading from 2 minutes.

                                               This article aims to explain how to automate the installation as well as configuration of Nexus’s Repository Manager version 3.x with Ansible. Ansible is a deployment tool, which enables playbooks to automate applications […]

Avatar
5 Sep. 2017 Reading from 7 minutes.

We are happy to have completed a joint project – an informative video – with Microsoft on the relevance and significance of open source technologies in the Azure cloud environment. First Microsoft Open Source Partner in Canada We are the first “Microsoft Open Source Partner” in Canada. This partnership has been a testimony to our […]

Avatar
1 Jun. 2017 Reading from 2 minutes.
Thumbnail image

la conférence LDAPCon 2015 sur LDAP et les questions de gestion des identités, d’authentification et d’habilitation, est l’occasion de rencontrer les acteurs les plus importants du domaine…

Avatar
7 Dec. 2015 Reading from 4 minutes.
Thumbnail image

After months of negotiation, the Red Hat Microsoft cloud partnership was announced on November 4th. This agreement of historic proportions heralds radical changes in the global computing ecosystem. It will have significant impacts on many organizations in Quebec and elsewhere in the world. This partnership deals with two important elements: Public cloud with Azure Microsoft’s […]

Avatar
10 Nov. 2015 Reading from 2 minutes.
Close
Close