geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: LDAP security realm across multiple instances
Date Thu, 31 Jul 2008 18:00:05 GMT

On Jul 31, 2008, at 10:48 AM, jbeaulau wrote:

>
> Geronimo: 2.1.1
> JRE: 1.5.0_08-b03 - Sun Microsystems Inc.
>
> Hello,
>
> We have a security realm issue that we’re requesting some insight for.
> Searched the forums but couldn't find same issue.
>
> We are running multiple instances from one repository, and have  
> configured a
> server-wide LDAP security realm in one instance that successfully
> authenticates for an application deployed from that instance. When
> an application is configured to use that same security realm in  
> another
> instance running from the same repository, the credentials windows  
> appears
> as normal, but when valid credentials are entered in the  
> authentication box
> and committed, the box disappears as normal, but authentication fails.
>
> The only entry in the geronimo.out log file is “mortbay.log AUTH  
> FAILURE:
> user foo”
>
> The realm is not visible from any instance other than the originating
> instance, and that is understandable, but is this a limitation with  
> security
> realms and multiple instances?
>
> Does “server-wide” mean per instance only?

yes.  The terms "server-wide" vs "application" are extremely  
misleading and I've been trying to get people to stop using them for  
years.  It has something to do with the lifetime of a components  
deployment rather than much to do with its visibility.  In any case  
the instances all running on one repository are different "servers".

thanks
david jencks
>
>
> Thank you
> -John
>
> -- 
> View this message in context: http://www.nabble.com/LDAP-security-realm-across-multiple-instances-tp18759985s134p18759985.html
> Sent from the Apache Geronimo - Users mailing list archive at  
> Nabble.com.
>


Mime
View raw message