A Rock-Solid LDAP Authentication and CAS Sign-On for OpenERP & CodeIgniter
Our client is an integrated health system headquartered in the Dakotas. Being the largest employer of Dakotas, our client offers rural, not-for-profit health care system…


Our client is an integrated health system headquartered in the Dakotas. Being the largest employer of Dakotas, our client offers rural, not-for-profit health care system in its nation with numerous hospitals and clinics different states and countries.


  • To make the LDAP authentication service a central part of the systems authentication.
  • To create a round trip IMAP setup that utilizes both email client and OpenERP to communicate through a postfix/dovecot inbox.The goal is to host 100% of our application structure on a single domain.
  • LDAP as the central authentication for the network
  • OpenERP accounts automatically add and update LDAP accounts (OpenERP acts as frontend).
  • LDAP contains ­ username, email, name, password (SHA­1). Dovecot inbox is automatically available based on the new LDAP user.
  • When OpenERP or an email client (outlook, thunderbird) attempt to connect via IMAPS, the server will use LDAP to authenticate the account.
  • Users will have the ability to change their password via OpenERP and PHP apps, this will automatically update the LDAP info and update this info across all platforms.
  • CAS will be the single­ sign­-on service for the OpenERP and PHP applications. CAS needs authentication against LDAP for all account logins. Single sign-­on tokens are valid for 1 week.
  • Staff will manually create a inbound and outbound server for the new user accounts.
  • Inbound / Outbound email servers are connected to a user account similar to HR employees.
  • By clicking test or save, the account is authenticated through LDAP and a new Dovecot inbox is created. If a dovecot account is already present, the test and save button will authenticate correctly. The user account will only use it’s associated inbound and outbound email servers to send mail.
  • Add a “Send and Receive” button on the messages module in OpenERP to allow users to manually fetch email for just their associated account. A fetch for a single user’s email would happen during ? Messages page load ? Send & Receive button is clicked ? On a time loop (once every 3 minutes) when idle on the messages page. The timed loop to pull new messages will stop if a user is interacting with the page.


  • A single action of user authentication and authorization had to permit access of systems, documents, information which are allowed as per the Role based access, without the need to enter multiple passwords.
  • Single sign-on reduces human error, a major component of systems failure and which is therefore highly desirable but difficult to implement.
  • With huge amount of customer fitness information updated by trainers and customers authentication of these updates was to be done.
  • With involvement of Fitness trainers, Coaches, Business development as well as operation managers from various department & companies it was important to have authorized communication which had to be from specific users mail credentials only.



  • All tImproved the efficiency of the users and improved productivity resulted in focus on other Business segments.

  • User access could be controlled using a single authentication mechanism and make the job of the administrator very easy.

  • Drastically reduced the customer login issues for multiple applications and better user management.

  • Improved security for the complete application architecture.

Read more about KTree

KTree, a Global IT Company

What and how the processes are structured in KTree?

KTree's processes follow CMMi to ensure consistent, high-quality outcomes. With a focus on quality coding , code reviewing, and performance and load testing in our QA processes, we deliver reliable, scalable, and high-performing applications to meet our clients' needs.

How KTree makes outsourcing project a positive experience?

KTree delivers high-quality applications that meet our clients' needs, by prioritizing collaboration, communication, visibility, traceability, and requirements engineering. While we charge a little premium for our services, we believe that it is important to provide the necessary resources and expertise to ensure project success.

Any other Differentiation which KTree has, which it can offer?

KTree's tremendous knowledge and expertise, gained from working on hundreds of web and mobile application projects, gives us a significant advantage that allows us to provide a head-start on projects, saving our clients many man-months.

Where is KTree's Web and Mobile application Development done?

KTree's web and mobile application development primarily takes place at our Hyderabad development center. Hyderabad is not only abundant in IT talent but is also known for its rich heritage and exotic food.

What is Success mantra of KTree, as one of the respected web development company?

The success mantra of KTree as a respected web development company is combining Agile methodology with strong documentation, powerful web and mobile frameworks, and a solid KTree team to deliver great web and mobile applications within a specified timeframe.

What Development methodology KTree follows and why?

KTree's development team follows the Scrum framework of the Agile methodology, which improves Agility through its simplicity and flexibility. This allows us to adapt to changing project requirements and deliver high-quality products within the specified timeframe.

Leverage the expertise of a Top Application development company for your enterprise web and mobile application needs.

Contact our solid KTree team to get started.

We Value Our Customers

Find Out Why They Keep Coming Back to KTree, at KTree, we prioritize our customers and aim to deliver exceptional experiences. Their positive feedback is a testament to our commitment to excellence in every aspect of our service.

Our Clients