1. 轻量级目录访问协议(LDAP):
LDAP 代表轻量级目录访问协议。它是一种用于定位任何人以在网络中定位个人、组织和其他设备的协议,无论是在公共互联网还是公司互联网上。它用作目录即服务,是 Microsoft 构建活动目录的基础。
LDAP的特点:
- 它实现了一个具有灵活架构的开源协议。
- 直接通过 TCP/IP 和 SSL 运行。
- LDAP 是一种自我自动化的协议。
- 提供跨行业的广泛支持。
2. 远程认证拨入用户服务(RADIUS):
RADIUS 代表远程身份验证拨入用户服务。它是一种网络协议,可为使用网络服务的用户提供充足的集中身份验证、计费和授权。当用户请求访问网络资源时,协议开始工作,RADIUS 服务器对用户输入的凭据进行加密。在此之后,凭据通过本地数据库映射,此后,如果所有检查都为真,则授予用户访问权限。
半径的特点:
- 它的服务器可以充当其他 Radius 服务器的代理客户端。
- 通过共享密钥验证客户端和服务器之间的通信。
- 它支持用于身份验证的 PPP、PAP 和 CHAP 协议。
- 它使用 UDP 运行,是一种无状态协议。
LDAP 和 RADIUS 的区别:
| S.No. | LDAP | RADIUS |
|---|---|---|
| 1. | It is short called as Lightweight Directory Access Protocol. | It is short used for Remote Authentication Dial-In User Service. |
| 2. | LDAP is used for authorizing the details of the records when accessed. | It is used for centralized Authentication, Accounting, and Authorization for the user’s information. |
| 3. | It is not open-source but it possesses implementation such as Open LDAP which are open-source. | It is not open-source but it possesses implementation such as Free RADIUS which is open-source. |
| 4. | It supports two-factor authentication with RADIUS protocol. | It does not provide two-way authentication, but can set two levels of privileges. |
| 5. | LDAP appends authentication in two options SASL or anonymous authentication. | RADIUS provides authentication by RADIUS client also called NAS. |
| 6. | It renders authentication in multi-tier applications. | It provides authentication in multi-tier applications. |