I worked on a project a while back where the Architect decided to use LDAP for managing authentication / authorization, rather than a traditional database approach.
The application was expected to scale rapidly by approx 500 – 1000 users a day, and then plateau at around 200k users. Beyond that, there was nothing special about this application.
I didn’t ask at the time, but I’m curious around why we would’ve used LDAP here.
As I understand it, the real strengths of LDAP lie in organizations where users are required to authenticate against several disconnected systems, and LDAP provides a single auth provider.
Are there additional benefits that make it a good fit for certain applications?
Actually, the scaling is one: LDAP is easily distributed across multiple servers.
The other reason, whether your architect mentioned it or not, is that there’s never in the history of the world been a single application that stayed single. Someone will have a new idea, and now there’s a unified single sign on technique already available and standard.