Umm. I think this very important requirement is (or about to be) addressed via the J2EE "security service" architecture and the Java Authentication & Authorization Service (JAAS) API. Check out the examples at java.sun.com under J2EE (Security section of the Developer's Guide) and JAAS. Also check out one of the J2EE appservers to have a look at the implemented facilities. I have heard that BEA's product includes an LDAP authentication/authorization interface. The one I've looked at most JRun does not, but provides config hooks and some guidance on substituting your own authenticator class for their built-in one that uses property files as the persistent namespace. I am cruising this newsgroup precisely to get some answers related to a similar need, namely, what directory schema elements are commonly used (or might be used) to mesh with the J2EE/JAAS model. Groups? Username? and general approaches to managing access rights info for multiple apps. If you need to implement something ASAP, Netegrity offers a product that does all this stuff and can use directories and/or databases to manage app auth info (for web apps; according to their literature; YMMV.) Martin Rick Dennis wrote: > Keith Doyle wrote: > > > Once I set up a directory server to provide for loging in and > > authenticating users, how do I link the directory servers access control > > features with applications that could be on another server. > > Thanks - K. Doyle. > > That's a HUGE question. Let me first make sure I'm hearing u right. > > You are looking to have other apps use the LDAP server to authenticate > users? > > Well....if it's an app that lets you point to an LDAP server...Great. > > If you are looking to integrate an Web app u have with LDAP, then u are > obviously going to need to write some interface. > > LDAP is a standard protocol, and u can point any server to it. You can > even point your netscape browser to it: > ldap://myldapserver.com:389/o=myorg,c=us > > -Rick
