Interfacing to the lookup directory: Difference between revisions
No edit summary |
(Revise to be a little more up-to-date) |
||
Line 1: | Line 1: | ||
The [http://www.cam.ac.uk/cs/lookup/ lookup directory] provides a source of information about people in the University. As such it can be used to some extent as a way of gathering additional material about people who have been identified by Raven. | |||
To gather information, for example in a script protected by Raven, the best approach is probably to use the LDAP interface at ldap.lookup.cam.ac.uk. Note that | To gather information, for example in a script or application protected by Raven, the best approach is probably to use the LDAP interface at ldap.lookup.cam.ac.uk. Note that (with some exceptions for groups) only anonymous LDAP access is available (and only from computers connected to the University network) and that individuals are allowed to [http://www.cam.ac.uk/cs/lookup/editing.html suppress] most information about themselves from all such accesses. Sites '''must not''' publicise any information extracted from the directory outside the University without the relevant user's consent. | ||
It is in principle possible to make authorization decisions in | It is in principle possible to make authorization decisions in from within web servers such as Apache, Tomcat and IIS based on information in the directory, such as institution affiliation. The lookup project has created an [[Apache lookup module]] which does this, though it does have some bugs and limitations. It currently has to be built from source and there are no pre-built Windows binaries. I ([[User:jw35|jw35]]) am not aware of any similar solutions for Tomcat or IIS. | ||
Latest revision as of 10:17, 12 October 2011
The lookup directory provides a source of information about people in the University. As such it can be used to some extent as a way of gathering additional material about people who have been identified by Raven.
To gather information, for example in a script or application protected by Raven, the best approach is probably to use the LDAP interface at ldap.lookup.cam.ac.uk. Note that (with some exceptions for groups) only anonymous LDAP access is available (and only from computers connected to the University network) and that individuals are allowed to suppress most information about themselves from all such accesses. Sites must not publicise any information extracted from the directory outside the University without the relevant user's consent.
It is in principle possible to make authorization decisions in from within web servers such as Apache, Tomcat and IIS based on information in the directory, such as institution affiliation. The lookup project has created an Apache lookup module which does this, though it does have some bugs and limitations. It currently has to be built from source and there are no pre-built Windows binaries. I (jw35) am not aware of any similar solutions for Tomcat or IIS.