Accompanied the city of Villeurbanne – located in the metropolis of Lyon in France – to implement a unique and secure Authentication System based on LemonLDAP :: NG technology.
Business sectorPublic Admnistration
- Strategy & Consulting
- SSO Development
- Technical Support
- Project Management
10days of project management
The city launched a project to revolutionize its current WebSSO (Single Sign On) to have greater control of its user’s access rights to sensitive data, given the implementation of new applications in their information system.
After an in depth research and review of the principal actors of the market, the town was drawn to LemonLDAP::NG unique authentication system. The city gave the mandate to Savoir-faire Linux to assist them in the implementation of LemonLDAP::NG 1.9.
Savoir-faire Linux submitted a target architecture proposition to the city of Villeurbanne designed around the WebSSO LemonLDAP::NG 1.9.
The Savoir-faire Linux team lead the initialization of the project, OpenLDAP configurations, WebSSO and LSC connector. They were also responsible for installing and configuring the software, documenting the installation, application connexion testing and transferring the project into production.
The project was broken down into different phases:
- The implementation of an OpenLDAP directory to replace the referential external identity database;
- The creation of connectors to automatically synchronize the accounts and Active Directory groups in the OpenLDAP directory;
- The management of group rights in OpenLDAP associating internal and external users;
- The implementation of LemonLDAP::NG as a CAS server to replace the old system and personalize the authentication pattern;
- The migration of applications towards the new CAS server.
Savoir-faire Linux’s technical team assisted Villeurbanne on the functional aspects related to user management and the master of technical blocks.
- The client now has a central directory of identities (internal and external) and a WebSSO tool and access control
- The possibility of using LemonLDAP::NG as a CAS server, but also as a supplier of headers or SAML or OpenID Connect supplier allowing to connect to a large range of applications.
“In the context of an intranet project comprised of multiple Open Source solutions, we were looking to use a single authentification tool that would allow us to manage user rights in conjunction with our Active Directory account system. After having analyzed many different solutions, we decided to go with LemonLDAP::NG, which suited our needs perfectly. It has also turned into a great opportunity to create an authentification portal for our Web applications. We foresee the possibility of extending LemonLDAP::NG even further in the domain of strong authentification.”
Technology and Security Manager