Systematic Literature Review on the LDAP Protocol As a Centralized Mechanism for the Authentication of Users in Multiple Systems


The protocol LDAP (Lightweight Directory Access Protocol) allows centralized identity authentication, where the information of the directory is faster and easier to read. This article carries out a systematic literature review (SLR) according to what is proposed in the article by Bárbara Kitchenham [1], aimed to identify different methods for users’ authentication in multiple systems using LDAP protocol, an analysis of criteria is carried out about different studies published in five digital libraries (Scopus, IEEEXplorer,, Google Scholar, DBLP), and two academic magazines (Revista Energía of UNL, Revista Científica of UTB), making relevant conclusions of the use of four mechanisms for the authentication of users of multiple systems such as: Languaje PHP, SSO (Single sign-on), IAM (Identity and Access Management), and T-RBAC (Access control based on roles and tasks), predominantly the use of the PHP language for its administrative tools for managing LDAP servers.



Keywords: LDAP, authentication, user management, systematic literature review, security

[1] Kitchenham, B.: Procedures for performing systematic reviews. Keele, UK, Keele Univ. 33, 28 (2004).

[2] OpenLDAP Software 2.4 Administrator’s Guide, admin24/guide.html#What is a directory service.

[3] Butcher, M.: Mastering OpenLDAP. (2007).

[4] Qadeer, M.A., Salim, M., Sana Akhtar, M.: Profile management and authentication using LDAP. Proc. - 2009 Int. Conf. Comput. Eng. Technol. ICCET 2009. 2, 247–251 (2009).

[5] Mishra, U.: Inventions on LDAP-A study based on US Patents. 1–15 (2014).

[6] Jose, M., Gonzáles, M., Epaña, Á.: User Management with LDAP (Lightweight Directory Access Protocol) for access to technology and Information Services in Companies ´. J. Sci. Res. Rev. Cienc. E Investig. ´ ON, E-ISSN 2528-8083, VOL. 1, CITT, PP. 10-15. 1, 10–15 (2016).

[7] Thakur, M.A., Gaikwad, R.: User identity & lifecycle management using LDAP directory server on distributed network. 2015 Int. Conf. Pervasive Comput. Adv. Commun. Technol. Appl. Soc. ICPC 2015. 00, 1–3 (2015).

[8] Espinoza, G., Ortega, P., Palacios, C., Junior, S.: Intelligent agents applied to the management of ldap user profiles, docs/revista_energ__a/91, (2014).

[9] Obimbo, C.: Vulnerabilities of LDAP As An Authentication Service. J. Inf. Secur. 02, 151–157 (2011).

[10] Shrivastava, A., Rizvi, M.A.: External authentication approach for virtual private network using LDAP. In: 2014 First International Conference on Networks & Soft Computing (ICNSC2014). pp. 50–54. IEEE (2014).

[11] Raipurkar, K. V., Deorankar, A. V.: Improve data security in cloud environment by using LDAP and two way encryption algorithm. In: 2016 Symposium on Colossal Data Analysis and Networking (CDAN). pp. 1–4. IEEE (2016).

[12] Dharme, W.S.: Authentication using LDAP in Wireless Body Area Network. 4, 235– 239 (2017).

[13] Shahriar, H., Haddad, H.M., Bulusu, P.: OCL Fault Injection-Based Detection of LDAP Query Injection Vulnerabilities. Proc. - Int. Comput. Softw. Appl. Conf. 2, 455–460 (2016).

[14] Wang, W., Luo, H., Deng, H.: Research on data and workflow security of electronic military systems. Proc. 2013 Int. Conf. Intell. Control Inf. Process. ICICIP 2013. 705–709 (2013).

[15] Xiao, Y., Zhao, Y.: Study and design of enterprise public security platform based on PKI. Proc. - 13th Int. Symp. Distrib. Comput. Appl. to Business, Eng. Sci. DCABES 2014. 258–262 (2014).

[16] Bulusu, P., Shahriar, H., Haddad, H.M.: Classification of Lightweight Directory Access Protocol Query Injection Attacks and Mitigation Techniques. 337–344 (2015).

[17] Andjarwirawan, J., Palit, H.N., Salim, J.C.: Linux PAM to LDAP Authentication Migration. 2017 Int. Conf. Soft Comput. Intell. Syst. Inf. Technol. 155–159 (2017).

[18] Ming, J.: Research of Unified Authentication System Based on LDAP. 1044–1047 (2012).

[19] Zhiyuan Wu1, Z. edu. c., Weiping Huang1, H. edu. c., Lei Yu1, Y. edu. c.: Design and Implementation of unified Identity Authentication System Based on LDAP in Digital Campus. Adv. Mater. Res. 1213–1217 (2014).

[20] Muttaqin, A.H., Rochim, A.F., Widianto, E.D.: Sistem Autentikasi Hotspot Menggunakan LDAP dan Radius pada Jaringan Internet Wireless Prodi Teknik Sistem Komputer. J. Teknol. dan Sist. Komput. 4, 282–288 (2016).

[21] Bauereiß, T., Gohmann, S., Hutter, D., Kläser, A.: Selective LDAP Multi-Master Replication. Proc. Open Identity Summit 2013. Open Identity Summit (OID-2013), Sept. 9-11, Kloster Banz, Ger. 94–105 (2013).

[22] Loayza J, J., Castillo, J, F., Chamba, L, A.: Implemetation of Eduroam as Wirelless Infraestructure on the Campus of National University of Loja., universidadnacionaldeloja/docs/revista_energ__a/91, (2014).

[23] Ming, J.: Research of Unified Authentication System Based on LDAP. 1044–1047 (2012).

[24] Wu, Z., Huang, W., Yu, L.: Design and Implementation of unified Identity Authentication System Based on LDAP in Digital Campus. 1213–1217 (2014).