I'm trying to use form based authentication with JNDIRealm to validate users in an Active Directory Application Mode (ADAM) directory. I have a small test app working; however, I must enable anonymous binds in ADAM or provide the username and password in the realm element. Obviously both of these options are not ideally secure.
What I want is to have the Tomcat connect and bind to the directory with the username and password supplied in the login form. The Realms and AAA section of the docs say this: "If these properties (connectionName and connectionPassword) are not specified the connection is anonymous. This is sufficient in many cases." What I run in to is that when Tomcat tries the initial connection it fails. I then cannot connect and bind with the user name and password supplied by the form. Does anyone know of a way to force Tomcat to attempt the connection and bind after the failed connection attempt? Thank you Chris