tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Holman <>
Subject Re: JNDIRealm
Date Sat, 02 Feb 2002 00:07:29 GMT

At 15:06 29/01/02, you wrote:
>John Holman wrote:
> >
> > JNDIRealm works by retrieving the password from the directory server and
> > comparing it explicitly with the value given by
> > the user. Unfortunately AFAIK this mode of operation will not work with
> > eDirectory.
>Reading the Realm HOWTO again made me realize that... Why would anyone
>want the Realm to get the password from the server instead of doing a
>simple LDAP bind?

I agree - almost always a bind is better, unless you need to support HTTP 

> > There have been proposals (e.g. from me) to enhance JNDIRealm to allow it
> > to authenticate the user by binding to the directory server, in the same
> > way as auth_ldap. This should work with eDirectory, but isn't available 
> yet.
>Have the proposal been approved by the Tomcat developers, and are there
>any people working on this issue?

Similar proposals are in the draft functional specification for the JNDI 
realm, and
I submitted a patch to the tomcat-dev list earlier today that implements 
the required
functionality. You are more than welcome to try it, if you get the chance.

I'm hoping that this patch will get incorporated into Tomcat ...


>Fredrik Westermarck
>To unsubscribe:   <>
>For additional commands: <>
>Troubles with the list: <>

To unsubscribe:   <>
For additional commands: <>
Troubles with the list: <>

View raw message