Re: Container based authentication using LDAP and Active Directory
On Wed, Sep 16, 2009 at 3:11 AM, Tobias Crefeld wrote: > Am Tue, 15 Sep 2009 15:00:39 -0500 > schrieb sharda k : > > >- User ids are being stored in LDAP > >- User credentials(password) are being stored in Active Directory > > (AD). > >- User roles are gain being stored in LDAP > > And how are ADS-credentials and LDAP'S "IDs" synchronized? > > Why don't you put the roles into ADS? ADS is based on LDAP with > Kerberos-authentication, so it should be no problem to add the > necessary schema extensions (untested - I have no ADS). > > BTW: There is a book called "Professional Apache Tomcat 6" at John > Wiley (www.wrox.com) with some advice how to setup authentication by > file, LDAP, PAM or database. > > > Regards, > Tobias. > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > Thank you all for your responses. I will try it and will see how it goes :) Tobias- Yes adding roles to AD would have a been the best way to simplify this scenario. But unfortunatly this was setup like this initially and roles are defined already in AD but are not in sync with LDAP which is the real user ID and role warehouse. AD is being used by many other systems for authentication so it cannot be modified now. So I am stuck with connecting to two servers for authentication and authorization. Regards, Sharda
Re: Container based authentication using LDAP and Active Directory
On 15/09/2009 22:42, George Sexton wrote: Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. @Sharda If you need to do something more complex than configure an existing Realm, ie implement your own JAASRealm, there is documentation on the Tomcat site which refers to the tutorials and hints for doing this. p George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 3:14 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton wrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton wrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton wrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
Am Tue, 15 Sep 2009 15:00:39 -0500 schrieb sharda k : >- User ids are being stored in LDAP >- User credentials(password) are being stored in Active Directory > (AD). >- User roles are gain being stored in LDAP And how are ADS-credentials and LDAP'S "IDs" synchronized? Why don't you put the roles into ADS? ADS is based on LDAP with Kerberos-authentication, so it should be no problem to add the necessary schema extensions (untested - I have no ADS). BTW: There is a book called "Professional Apache Tomcat 6" at John Wiley (www.wrox.com) with some advice how to setup authentication by file, LDAP, PAM or database. Regards, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/single-signon.html might help you with secure authentication against AD. I use this for authentication purpose. Simple google landed me on these two wonderful pages maybe helpful... JAAS authentication http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html <http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html>JAAS authorization http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnAndAzn.html#WhatIsAzn let me know if this suffice your question. -Sumedh On Wed, Sep 16, 2009 at 2:14 AM, sharda k wrote: > Thank you George. > > I think I need to elaborate my question further. I could bind user and > fetch > user roles using simple java class. But what I want to implement is JAAS. > The problem is based on the information provided in different web sites I > can use either LDAP or AD for both authentication and authorization. But I > need to decouple authentication and authorization. How can I implement > that? > > Any help would be appreciated. > > Sharda > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton >wrote: > > > AD servers run an LDAP connector. You use and LDAP API library and try to > > bind to the tree using the user's name and password for credentials. > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > > > -Original Message- > > > From: sharda k [mailto:sktom...@gmail.com] > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > To: Tomcat Users List > > > Subject: Re: Container based authentication using LDAP and Active > > > Directory > > > > > > How can I implement LDAP to authenticate against AD? Can you please > > > elaborate? > > > I need AD for authentication and LDAP fro authorization. > > > > > > Thank you, > > > Sharda > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > wrote: > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > George Sexton > > > > MH Software, Inc. > > > > http://www.mhsoftware.com/ > > > > Voice: 303 438 9585 > > > > > > > > > > > > > -Original Message- > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > To: users@tomcat.apache.org > > > > > Cc: sktom...@gmail.com > > > > > Subject: Container based authentication using LDAP and Active > > > Directory > > > > > > > > > > Hi, > > > > > > > > > > I want to implement Container based Authentication for a new web > > > site I > > > > > am > > > > > working on. > > > > > > > > > > The scenario that I have is: > > > > > > > > > >- User ids are being stored in LDAP > > > > >- User credentials(password) are being stored in Active > > > Directory > > > > > (AD). > > > > >- User roles are gain being stored in LDAP > > > > > > > > > > In all examples that I could find in different websites write about > > > > > LDAP > > > > > authentication in Tomcat. Is there a way we can combine both LDAP > > > and > > > > > AD for > > > > > authentication? > > > > > > > > > > Also I want to use custom login page for it. > > > > > > > > > > Any help on this would be appreciated. > > > > > > > > > > Thanks, > > > > > Sharda > > > > > > > > > > > > - > > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > >
RE: Container based authentication using LDAP and Active Directory
Hi Sharda, AD is superset of LDAP. Thought this might help you in case you didn't know. -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Wednesday, September 16, 2009 3:15 AM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory OK ... :) On Tue, Sep 15, 2009 at 4:42 PM, George Sexton wrote: > Asking the same question a different way will not yield a different result. > > You're going to have to figure that out yourself. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > -Original Message- > > From: sharda k [mailto:sktom...@gmail.com] > > Sent: Tuesday, September 15, 2009 3:14 PM > > To: Tomcat Users List > > Subject: Re: Container based authentication using LDAP and Active > > Directory > > > > Hi George, > > > > If I use LDAP API for user authetication, how can I get LoginContext > > and > > implement authorization? If you can please share some insight on this. > > > > Thanks, > > SK > > > > > > > > On Tue, Sep 15, 2009 at 3:46 PM, George Sexton > > wrote: > > > > > I don't know. You're going to have to figure that out yourself. > > > > > > George Sexton > > > MH Software, Inc. > > > http://www.mhsoftware.com/ > > > Voice: 303 438 9585 > > > > > > > > > > -Original Message- > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > Sent: Tuesday, September 15, 2009 2:45 PM > > > > To: Tomcat Users List > > > > Subject: Re: Container based authentication using LDAP and Active > > > > Directory > > > > > > > > Thank you George. > > > > > > > > I think I need to elaborate my question further. I could bind user > > and > > > > fetch > > > > user roles using simple java class. But what I want to implement is > > > > JAAS. > > > > The problem is based on the information provided in different web > > sites > > > > I > > > > can use either LDAP or AD for both authentication and > > authorization. > > > > But I > > > > need to decouple authentication and authorization. How can I > > implement > > > > that? > > > > > > > > Any help would be appreciated. > > > > > > > > Sharda > > > > > > > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton > > > > wrote: > > > > > > > > > AD servers run an LDAP connector. You use and LDAP API library > > and > > > > try to > > > > > bind to the tree using the user's name and password for > > credentials. > > > > > > > > > > George Sexton > > > > > MH Software, Inc. > > > > > http://www.mhsoftware.com/ > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > -Original Message- > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > > > > To: Tomcat Users List > > > > > > Subject: Re: Container based authentication using LDAP and > > Active > > > > > > Directory > > > > > > > > > > > > How can I implement LDAP to authenticate against AD? Can you > > please > > > > > > elaborate? > > > > > > I need AD for authentication and LDAP fro authorization. > > > > > > > > > > > > Thank you, > > > > > > Sharda > > > > > > > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > > > > wrote: > > > > > > > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > > > > > > > George Sexton > > > > > > > MH Software, Inc. > > > > > > > http://www.mhsoftware.com/ > > > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > > > > > > > -Original Message- > > > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > > > > To: users@tomcat.apache.org > > >
Re: Container based authentication using LDAP and Active Directory
OK ... :) On Tue, Sep 15, 2009 at 4:42 PM, George Sexton wrote: > Asking the same question a different way will not yield a different result. > > You're going to have to figure that out yourself. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > -Original Message- > > From: sharda k [mailto:sktom...@gmail.com] > > Sent: Tuesday, September 15, 2009 3:14 PM > > To: Tomcat Users List > > Subject: Re: Container based authentication using LDAP and Active > > Directory > > > > Hi George, > > > > If I use LDAP API for user authetication, how can I get LoginContext > > and > > implement authorization? If you can please share some insight on this. > > > > Thanks, > > SK > > > > > > > > On Tue, Sep 15, 2009 at 3:46 PM, George Sexton > > wrote: > > > > > I don't know. You're going to have to figure that out yourself. > > > > > > George Sexton > > > MH Software, Inc. > > > http://www.mhsoftware.com/ > > > Voice: 303 438 9585 > > > > > > > > > > -Original Message- > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > Sent: Tuesday, September 15, 2009 2:45 PM > > > > To: Tomcat Users List > > > > Subject: Re: Container based authentication using LDAP and Active > > > > Directory > > > > > > > > Thank you George. > > > > > > > > I think I need to elaborate my question further. I could bind user > > and > > > > fetch > > > > user roles using simple java class. But what I want to implement is > > > > JAAS. > > > > The problem is based on the information provided in different web > > sites > > > > I > > > > can use either LDAP or AD for both authentication and > > authorization. > > > > But I > > > > need to decouple authentication and authorization. How can I > > implement > > > > that? > > > > > > > > Any help would be appreciated. > > > > > > > > Sharda > > > > > > > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton > > > > wrote: > > > > > > > > > AD servers run an LDAP connector. You use and LDAP API library > > and > > > > try to > > > > > bind to the tree using the user's name and password for > > credentials. > > > > > > > > > > George Sexton > > > > > MH Software, Inc. > > > > > http://www.mhsoftware.com/ > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > -Original Message- > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > > > > To: Tomcat Users List > > > > > > Subject: Re: Container based authentication using LDAP and > > Active > > > > > > Directory > > > > > > > > > > > > How can I implement LDAP to authenticate against AD? Can you > > please > > > > > > elaborate? > > > > > > I need AD for authentication and LDAP fro authorization. > > > > > > > > > > > > Thank you, > > > > > > Sharda > > > > > > > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > > > > wrote: > > > > > > > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > > > > > > > George Sexton > > > > > > > MH Software, Inc. > > > > > > > http://www.mhsoftware.com/ > > > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > > > > > > > -Original Message- > > > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > > > > To: users@tomcat.apache.org > > > > > > > > Cc: sktom...@gmail.com > > > > > > > > Subject: Container based authentication using LDAP and > > Active > > > > > > Directory > > > > > > > > > > > > > > > > Hi, > > > > > > >
RE: Container based authentication using LDAP and Active Directory
Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 3:14 PM > To: Tomcat Users List > Subject: Re: Container based authentication using LDAP and Active > Directory > > Hi George, > > If I use LDAP API for user authetication, how can I get LoginContext > and > implement authorization? If you can please share some insight on this. > > Thanks, > SK > > > > On Tue, Sep 15, 2009 at 3:46 PM, George Sexton > wrote: > > > I don't know. You're going to have to figure that out yourself. > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > > > -Original Message- > > > From: sharda k [mailto:sktom...@gmail.com] > > > Sent: Tuesday, September 15, 2009 2:45 PM > > > To: Tomcat Users List > > > Subject: Re: Container based authentication using LDAP and Active > > > Directory > > > > > > Thank you George. > > > > > > I think I need to elaborate my question further. I could bind user > and > > > fetch > > > user roles using simple java class. But what I want to implement is > > > JAAS. > > > The problem is based on the information provided in different web > sites > > > I > > > can use either LDAP or AD for both authentication and > authorization. > > > But I > > > need to decouple authentication and authorization. How can I > implement > > > that? > > > > > > Any help would be appreciated. > > > > > > Sharda > > > > > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton > > > wrote: > > > > > > > AD servers run an LDAP connector. You use and LDAP API library > and > > > try to > > > > bind to the tree using the user's name and password for > credentials. > > > > > > > > George Sexton > > > > MH Software, Inc. > > > > http://www.mhsoftware.com/ > > > > Voice: 303 438 9585 > > > > > > > > > > > > > -Original Message- > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > > > To: Tomcat Users List > > > > > Subject: Re: Container based authentication using LDAP and > Active > > > > > Directory > > > > > > > > > > How can I implement LDAP to authenticate against AD? Can you > please > > > > > elaborate? > > > > > I need AD for authentication and LDAP fro authorization. > > > > > > > > > > Thank you, > > > > > Sharda > > > > > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > > > wrote: > > > > > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > > > > > George Sexton > > > > > > MH Software, Inc. > > > > > > http://www.mhsoftware.com/ > > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > > > > -Original Message- > > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > > > To: users@tomcat.apache.org > > > > > > > Cc: sktom...@gmail.com > > > > > > > Subject: Container based authentication using LDAP and > Active > > > > > Directory > > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > I want to implement Container based Authentication for a > new > > > web > > > > > site I > > > > > > > am > > > > > > > working on. > > > > > > > > > > > > > > The scenario that I have is: > > > > > > > > > > > > > >- User ids are being stored in LDAP > > > > > > >- User credentials(password) are being stored in Active > > > > > Directory > > > > > > > (AD). > > > > > > &g
Re: Container based authentication using LDAP and Active Directory
Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton wrote: > I don't know. You're going to have to figure that out yourself. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > > -Original Message- > > From: sharda k [mailto:sktom...@gmail.com] > > Sent: Tuesday, September 15, 2009 2:45 PM > > To: Tomcat Users List > > Subject: Re: Container based authentication using LDAP and Active > > Directory > > > > Thank you George. > > > > I think I need to elaborate my question further. I could bind user and > > fetch > > user roles using simple java class. But what I want to implement is > > JAAS. > > The problem is based on the information provided in different web sites > > I > > can use either LDAP or AD for both authentication and authorization. > > But I > > need to decouple authentication and authorization. How can I implement > > that? > > > > Any help would be appreciated. > > > > Sharda > > > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton > > wrote: > > > > > AD servers run an LDAP connector. You use and LDAP API library and > > try to > > > bind to the tree using the user's name and password for credentials. > > > > > > George Sexton > > > MH Software, Inc. > > > http://www.mhsoftware.com/ > > > Voice: 303 438 9585 > > > > > > > > > > -Original Message- > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > > To: Tomcat Users List > > > > Subject: Re: Container based authentication using LDAP and Active > > > > Directory > > > > > > > > How can I implement LDAP to authenticate against AD? Can you please > > > > elaborate? > > > > I need AD for authentication and LDAP fro authorization. > > > > > > > > Thank you, > > > > Sharda > > > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > > wrote: > > > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > > > George Sexton > > > > > MH Software, Inc. > > > > > http://www.mhsoftware.com/ > > > > > Voice: 303 438 9585 > > > > > > > > > > > > > > > > -Original Message- > > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > > To: users@tomcat.apache.org > > > > > > Cc: sktom...@gmail.com > > > > > > Subject: Container based authentication using LDAP and Active > > > > Directory > > > > > > > > > > > > Hi, > > > > > > > > > > > > I want to implement Container based Authentication for a new > > web > > > > site I > > > > > > am > > > > > > working on. > > > > > > > > > > > > The scenario that I have is: > > > > > > > > > > > >- User ids are being stored in LDAP > > > > > >- User credentials(password) are being stored in Active > > > > Directory > > > > > > (AD). > > > > > >- User roles are gain being stored in LDAP > > > > > > > > > > > > In all examples that I could find in different websites write > > about > > > > > > LDAP > > > > > > authentication in Tomcat. Is there a way we can combine both > > LDAP > > > > and > > > > > > AD for > > > > > > authentication? > > > > > > > > > > > > Also I want to use custom login page for it. > > > > > > > > > > > > Any help on this would be appreciated. > > > > > > > > > > > > Thanks, > > > > > > Sharda > > > > > > > > > > > > > > > - > > > > > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > > > > > > > > > > > - > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: Container based authentication using LDAP and Active Directory
I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 2:45 PM > To: Tomcat Users List > Subject: Re: Container based authentication using LDAP and Active > Directory > > Thank you George. > > I think I need to elaborate my question further. I could bind user and > fetch > user roles using simple java class. But what I want to implement is > JAAS. > The problem is based on the information provided in different web sites > I > can use either LDAP or AD for both authentication and authorization. > But I > need to decouple authentication and authorization. How can I implement > that? > > Any help would be appreciated. > > Sharda > > On Tue, Sep 15, 2009 at 3:19 PM, George Sexton > wrote: > > > AD servers run an LDAP connector. You use and LDAP API library and > try to > > bind to the tree using the user's name and password for credentials. > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > > > -Original Message- > > > From: sharda k [mailto:sktom...@gmail.com] > > > Sent: Tuesday, September 15, 2009 2:12 PM > > > To: Tomcat Users List > > > Subject: Re: Container based authentication using LDAP and Active > > > Directory > > > > > > How can I implement LDAP to authenticate against AD? Can you please > > > elaborate? > > > I need AD for authentication and LDAP fro authorization. > > > > > > Thank you, > > > Sharda > > > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > > wrote: > > > > > > > You can use LDAP to authenticate against AD. > > > > > > > > George Sexton > > > > MH Software, Inc. > > > > http://www.mhsoftware.com/ > > > > Voice: 303 438 9585 > > > > > > > > > > > > > -Original Message- > > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > > To: users@tomcat.apache.org > > > > > Cc: sktom...@gmail.com > > > > > Subject: Container based authentication using LDAP and Active > > > Directory > > > > > > > > > > Hi, > > > > > > > > > > I want to implement Container based Authentication for a new > web > > > site I > > > > > am > > > > > working on. > > > > > > > > > > The scenario that I have is: > > > > > > > > > >- User ids are being stored in LDAP > > > > >- User credentials(password) are being stored in Active > > > Directory > > > > > (AD). > > > > >- User roles are gain being stored in LDAP > > > > > > > > > > In all examples that I could find in different websites write > about > > > > > LDAP > > > > > authentication in Tomcat. Is there a way we can combine both > LDAP > > > and > > > > > AD for > > > > > authentication? > > > > > > > > > > Also I want to use custom login page for it. > > > > > > > > > > Any help on this would be appreciated. > > > > > > > > > > Thanks, > > > > > Sharda > > > > > > > > > > > > - > > > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton wrote: > AD servers run an LDAP connector. You use and LDAP API library and try to > bind to the tree using the user's name and password for credentials. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > > -Original Message- > > From: sharda k [mailto:sktom...@gmail.com] > > Sent: Tuesday, September 15, 2009 2:12 PM > > To: Tomcat Users List > > Subject: Re: Container based authentication using LDAP and Active > > Directory > > > > How can I implement LDAP to authenticate against AD? Can you please > > elaborate? > > I need AD for authentication and LDAP fro authorization. > > > > Thank you, > > Sharda > > > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > > wrote: > > > > > You can use LDAP to authenticate against AD. > > > > > > George Sexton > > > MH Software, Inc. > > > http://www.mhsoftware.com/ > > > Voice: 303 438 9585 > > > > > > > > > > -Original Message- > > > > From: sharda k [mailto:sktom...@gmail.com] > > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > > To: users@tomcat.apache.org > > > > Cc: sktom...@gmail.com > > > > Subject: Container based authentication using LDAP and Active > > Directory > > > > > > > > Hi, > > > > > > > > I want to implement Container based Authentication for a new web > > site I > > > > am > > > > working on. > > > > > > > > The scenario that I have is: > > > > > > > >- User ids are being stored in LDAP > > > >- User credentials(password) are being stored in Active > > Directory > > > > (AD). > > > >- User roles are gain being stored in LDAP > > > > > > > > In all examples that I could find in different websites write about > > > > LDAP > > > > authentication in Tomcat. Is there a way we can combine both LDAP > > and > > > > AD for > > > > authentication? > > > > > > > > Also I want to use custom login page for it. > > > > > > > > Any help on this would be appreciated. > > > > > > > > Thanks, > > > > Sharda > > > > > > > > > - > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Container based authentication using LDAP and Active Directory
Thank you so much for yr reply... but i have done good lmfty... On Tue, Sep 15, 2009 at 3:18 PM, Pid wrote > On 15/09/2009 21:08, George Sexton wrote: > >> You can use LDAP to authenticate against AD. >> > > I can feel a lmgtfy coming on... ;) > > > p > > George Sexton >> MH Software, Inc. >> http://www.mhsoftware.com/ >> Voice: 303 438 9585 >> >> >> -Original Message- >>> From: sharda k [mailto:sktom...@gmail.com] >>> Sent: Tuesday, September 15, 2009 2:01 PM >>> To: users@tomcat.apache.org >>> Cc: sktom...@gmail.com >>> Subject: Container based authentication using LDAP and Active Directory >>> >>> Hi, >>> >>> I want to implement Container based Authentication for a new web site I >>> am >>> working on. >>> >>> The scenario that I have is: >>> >>>- User ids are being stored in LDAP >>>- User credentials(password) are being stored in Active Directory >>> (AD). >>>- User roles are gain being stored in LDAP >>> >>> In all examples that I could find in different websites write about >>> LDAP >>> authentication in Tomcat. Is there a way we can combine both LDAP and >>> AD for >>> authentication? >>> >>> Also I want to use custom login page for it. >>> >>> Any help on this would be appreciated. >>> >>> Thanks, >>> Sharda >>> >> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
RE: Container based authentication using LDAP and Active Directory
AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 2:12 PM > To: Tomcat Users List > Subject: Re: Container based authentication using LDAP and Active > Directory > > How can I implement LDAP to authenticate against AD? Can you please > elaborate? > I need AD for authentication and LDAP fro authorization. > > Thank you, > Sharda > > On Tue, Sep 15, 2009 at 3:08 PM, George Sexton > wrote: > > > You can use LDAP to authenticate against AD. > > > > George Sexton > > MH Software, Inc. > > http://www.mhsoftware.com/ > > Voice: 303 438 9585 > > > > > > > -Original Message- > > > From: sharda k [mailto:sktom...@gmail.com] > > > Sent: Tuesday, September 15, 2009 2:01 PM > > > To: users@tomcat.apache.org > > > Cc: sktom...@gmail.com > > > Subject: Container based authentication using LDAP and Active > Directory > > > > > > Hi, > > > > > > I want to implement Container based Authentication for a new web > site I > > > am > > > working on. > > > > > > The scenario that I have is: > > > > > >- User ids are being stored in LDAP > > >- User credentials(password) are being stored in Active > Directory > > > (AD). > > >- User roles are gain being stored in LDAP > > > > > > In all examples that I could find in different websites write about > > > LDAP > > > authentication in Tomcat. Is there a way we can combine both LDAP > and > > > AD for > > > authentication? > > > > > > Also I want to use custom login page for it. > > > > > > Any help on this would be appreciated. > > > > > > Thanks, > > > Sharda > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
On 15/09/2009 21:08, George Sexton wrote: You can use LDAP to authenticate against AD. I can feel a lmgtfy coming on... ;) p George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -Original Message- > From: sharda k [mailto:sktom...@gmail.com] > Sent: Tuesday, September 15, 2009 2:01 PM > To: users@tomcat.apache.org > Cc: sktom...@gmail.com > Subject: Container based authentication using LDAP and Active Directory > > Hi, > > I want to implement Container based Authentication for a new web site I > am > working on. > > The scenario that I have is: > >- User ids are being stored in LDAP >- User credentials(password) are being stored in Active Directory > (AD). >- User roles are gain being stored in LDAP > > In all examples that I could find in different websites write about > LDAP > authentication in Tomcat. Is there a way we can combine both LDAP and > AD for > authentication? > > Also I want to use custom login page for it. > > Any help on this would be appreciated. > > Thanks, > Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton wrote: > You can use LDAP to authenticate against AD. > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > > -Original Message- > > From: sharda k [mailto:sktom...@gmail.com] > > Sent: Tuesday, September 15, 2009 2:01 PM > > To: users@tomcat.apache.org > > Cc: sktom...@gmail.com > > Subject: Container based authentication using LDAP and Active Directory > > > > Hi, > > > > I want to implement Container based Authentication for a new web site I > > am > > working on. > > > > The scenario that I have is: > > > >- User ids are being stored in LDAP > >- User credentials(password) are being stored in Active Directory > > (AD). > >- User roles are gain being stored in LDAP > > > > In all examples that I could find in different websites write about > > LDAP > > authentication in Tomcat. Is there a way we can combine both LDAP and > > AD for > > authentication? > > > > Also I want to use custom login page for it. > > > > Any help on this would be appreciated. > > > > Thanks, > > Sharda > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >