* OAuth 2.0 OIDC
- There are many authentication mechanisms
- Examples: Basic, Digest, Form, X.509, OAuth 2.0 / OIDC
* There are many storage options for credential and authority data
- Examples: in-memory (for development only), database, LDAP
LDAP (Lightweight Directory Access Protocol) is not an authentication mechanism itself, but it is often used as a protocol for accessing and managing directory services that can store authentication-related information.
LDAP is primarily used for directory services, which are hierarchical databases that store and organize information about users, devices, and other resources in a network.
While LDAP itself does not provide authentication, it can be used in conjunction with other authentication mechanisms to facilitate user authentication.
For example, LDAP directories are commonly used to store user account information, such as usernames and passwords (although storing plain text passwords in LDAP is generally discouraged for security reasons).
When a user attempts to log in, an authentication mechanism such as LDAP binds to the directory server to verify the user's credentials.LDAP can also be used to store other information related to user access, such as group memberships and access control lists.
The actual authentication process often involves LDAP in conjunction with other mechanisms, such as username/password validation or integration with Single Sign-On (SSO) systems.