directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: LDAP Dispatcher Servlet
Date Sun, 31 Dec 2006 20:01:50 GMT
Tim Quinn a écrit :

> Greetings,
> I have been finding situations where systems that require 
> authentication but
> cannot for various reasons migrate to LDAP infrastructure. The current
> system depends on a remotely maintained service utilizes authentication
> binds over http posts.
> I was wondering if anybody has done or seen source code to do the 
> following:
>   - Have Java Servlet(s) that mimics itself as an LDAP Server for doing
>   basic TLS Bind / Rebind authentication flows.
>   - This Servlet will accept transactions and will have code within to
>   logically handle how the call is passed on down the chain; either to 
> make
>   Https calls to some basic bind auth service or to route to a real 
> localized
>   ldap or other authentication database.
>      - Servlet should should act extactly as an LDAP server in such
>      that the client is unaware that it is not a real LDAP server.
>   - Code could also be written to localize the authentication
>   information so that if remote auth bind services are unavailabe, 
> client will
>   likely still be able to authenticate by authenticating to the local 
> store.

Apache Directory Server is embadable in a java application. It is really 
simple to write a servlet which has an init() method which embed the 
server and launch it, then you will be able to authenticate incoming 
user with this servlet. The only tricky part is the place where you will 
store the data : you will need to have write access to the disk to do that.

> The important thing here is that we must assume that we cannot change the
> remote auth service and therefore, going pure LDAP is out of the 
> question.
> Thanks for your time and interest.
> Regards,
> Timothy C. Quinn
Happy new year !

View raw message