directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Zoerner <>
Subject Embedded ApacheDS 1.5 as a Tomcat Realm
Date Mon, 25 May 2009 20:37:39 GMT
Hi all,

I have "wrapped" ApacheDS 1.5.5 as an Apache Tomcat Realm.

Source code (a Maven2 project) is in my sandbox:

What is it?

Within Apache Tomcat, a realm is (cite from Website) a "database" of 
user names and passwords that identify valid users of a web application 
(or set of web applications), plus an enumeration of the list of roles 
associated with each valid user.

In order to use Apache Directory Server (ApacheDS) as a realm, the 
straight forward approach is to use the JNDIRealm shipped with Tomcat. 
It can handle arbitrary LDAP servers, among them ApacheDS.

Because ApacheDS is 100% pure Java and embeddable, there is another 
option: Implement the Realm interface from Apache Tomcat and run within 
Tomcat. There are (at least) two interesting things about this approach:

1. Tomcat can use ApacheDS without the wire protocol, because the realm 
has a handle to the "in process" API of ApacheDS

2. ApacheDS runs within Tomcat and starts and stops automatically along 
with the web application server

While the first point promises some performance advantages, which are 
irrelevant in most situations (because LDAP servers like ApacheDS are 
optimized for read operations anyway), the second reason makes this 
approach a good option for development environments.

Learn more about it (I have started a minimal documentation) here

I hope, some people think it is useful. If so, we can perhaps create an 
official artifact out of it, later on.

Any feedback is highly appreciated.

Greetings from Hamburg,

View raw message