Comment on Authentik vs Authelia?
sxan@midwest.social 2 weeks ago
Why don’t you like LDAP? OpenLDAP is a PITA (necessarily, I guess, to be considered “enterprise”), but lldap has been pretty nice to me. I mean, it’s the identity protocol, it’s just that the server software has been complex until relatively recently.
What would you use instead? A SQL DB with some custom schema, that just re-invents LDAP?
possiblylinux127@lemmy.zip 2 weeks ago
LDAP and ldaps are not great from a security perspective. They pass password though the application which means a single compromised app will create a full breach.
Better to use OpenID which uses a single sign on portal that tells the underlying app when authentication is successful. It has a much smaller attack surface and allows for much more flexibility.
keepee@lemmy.world 2 weeks ago
Yep, this is what I’m looking for