directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: Proxy or Metadirectory
Date Fri, 11 Apr 2008 23:15:20 GMT
Juergen Weber wrote:
> Hi,
Hi Juergen,

first sorry for the late answer, but we were all quite busy (Amsterdam 
Apache Conference ...)
> I have a Tomcat installation that authenticates with JNDI realm
> against an LDAP server containing the users. Now I need some
> additional technical users that cannot go into the LDAP server.
> Unfortunately Tomcat can only use one active security realm. Ideal
> were if Tomcat would fall back to the standard memory realm if a user
> were not found in JNDI realm.
> So another option were to put the additional users into Apache
> Directory server and have it delegate against the other LDAP server.
> If Directory server knows user
>    return authenticate user
> else
>   user := other LDAP server lookup
>   return authenticate user
> endif
> Can this right now be done with Apache Directory server?
Right now, the short answer is yes. You can define a specific 
authenticator to do that (if I'm not completly off rails).

Sadly, I don't have enough time right now to give you some direction, 
but I will try to squeeze some time this week-end (no guarantee ...)

However, this is not something complex, and this is also a feature we 
_want_ to add to ADS asap.

Hope it helps (at least a little :) !

cordialement, regards,
Emmanuel L├ęcharny

View raw message