Motivation: Save the work of creating/managing Continuum users by using the existing LDAP server for user authentication.
Proposed LDAP function:
We would like to start from the simple case which only use the LDAP server to verify Login/Password.
1)modify the application.xml to enable LDAP feature, and provide the LDAP server connecting string.
2)When start the Continuum for the first time, create an Admin login just like what current Continuum 1.0 does.
3)The Admin user will create a Default group, any user who does not belong to any group will be assigned to the Default group. In our case, all of the LDAP user will be in the default group.
The Default group can also be a predefined group comes with Continuum installation just like the Admin and Guest group.
4)When a user login, if the login/passwd is not the admin login/password in the Continuum Database, it will go to the LDAP for the authentication. The user will be assigned to the default group if it passed the LDAP authentication.
5)When work in LDAP mode, the "User Management" function of Continuum will be disabled. There will be only one "Admin" user in the Continuum Database. All of the other users are on the LDAP server.
I thnk this LDAP solution has minor impact to the current structure and it does not conflict with the authentication function currently used in Continuum.