miniOrange LDAP Gateway allows login to publicly/privately hosted sites using credentials stored in Active Directory, OpenLDAP and other LDAP servers. If the LDAP Server is not publicly accessible from your site, this module can be used in conjunction with the miniOrange LDAP Gateway, which is deployed at the DMZ server in the intranet. Another benefit of this module is that multiple LDAP Configurations can be stored for multiple customers of a WordPress based Cloud Service Provider and mapping to the username can be done on the basis of the domain name.
miniOrange gateway is a small piece of software that can reside on a shared machine. It wont need its own machine and our customers generally install it on any server thats already in the DMZ.
Why LDAP Gateway?
LDAP with non public IP - This can be very beneficial if your aim is single sign on but your LDAP exists within your intranet with a non public IP. You can still authenticate your site (which could be anywhere outside your network) and with the help of this two part plugin (plugin + gateway) you can authenticate against your LDAP and achieve single sign on.
Secure calls using HTTPS - All remote calls happen through an encrypted channel.
Setup LDAP configuration once and access from multiple sites - You only need to setup your LDAP configuration once and you can access from multiple sites, thereby achieving ease of use.
Your LDAP stays secure since its behind your firewall.
Cloud based LDAP authentication system - This means that the libraries that are needed to authenticate against your LDAP/AD is not PHP based so it can support a much larger variety of LDAP.