Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Received-SPF: pass (hermes.apache.org: local policy)
Message-ID: <414891F3.7090305@joedog.org>
Date: Wed, 15 Sep 2004 15:03:15 -0400
From: Tim Funk <funkman@joedog.org>
Organization: Human being
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
 rv:1.6) Gecko/20040113
MIME-Version: 1.0
To: Tomcat Users List <tomcat-user@jakarta.apache.org>
Subject: Re: Tomcat and Active Directory/LDAP (Multiple Domains) (LDAP Newbie)
References: <200409151841.i8FIfVTj009125@sid.armstrong.com>
In-Reply-To: <200409151841.i8FIfVTj009125@sid.armstrong.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

It seems my solutoin doesn't apply with your description. Its sounds like 
you'd you'd need a key'd pool of connections if you wish to resuse connection 
to your ldap servers. commons-pool already does of a lot of that kind of 
functionality.

-Tim

John Mattos wrote:

> Hi Tim
> 
> Thanks for your input! I don't think there's a master domain, as the 4
> domains are in separate business units that are only sort of logically
> grouped.
> 
> Does my idea about multiple LDAP connections seem valid to you? Can you sort
> of describe your solution?
> 
> John
> 
> -----Original Message-----
> From: Tim Funk [mailto:funkman@joedog.org] 
> Sent: Wednesday, September 15, 2004 1:24 PM
> To: Tomcat Users List
> Subject: Re: Tomcat and Active Directory/LDAP (Multiple Domains) (LDAP
> Newbie)
> 
> I had to roll my own Realm loosely based on JNDIRealm. Working with Active 
> Directory, especially the way it was deploy, was so painful that regressed 
> most of the details.
> 
> I am guessing you have 4 different domains under and more generic domain.
> For 
> example:
> ad.funkman.net
> westcoast.ad.funkman.net
> eastcoast.ad.funkman.net
> europe.ad.funkman.net
> asia.ad.funkman.net
> 
> All my userid's are unique on samaccount. So to authenticate, I ask 
> ad.funkman.net for the user. Of course - no one reside on ad.funkman.net os 
> it issues me a referal to one of the other domains. I follow the referral
> and 
> perform the authentication. I'd show some code - but can't. I'd have to 
> recommend google for more details on implementation.
> 
> -Tim
> 
> John Mattos wrote:
> 
> 
>>Hi all
>>
>> 
>>
>>I have a need to validate users that may exist in one of 4 Active
> 
> Directory
> 
>>Domains for a web-app running on Tomcat 5.x/Apache 2.x. 
>>
>> 
>>
>>What's the best way to accomplish this?
>>
>> 
>>
>>I have read the following thread -->
>>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg130900.html
>>which is a good start, but doesn't address the issue of multiple domains.
>>
>> 
>>
>>I also see that the JNDI tutorial is something I should read thoroughly at
>>--> http://java.sun.com/developer/technicalArticles/Programming/jndi/
>>
>> 
>>
>>Is there anyone who has already solved a similar problem out there or has
>>some brilliant idea that will help me out?
>> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org