Tim Quinn wrote:
Greetings,
I have been finding situations where systems that require authentication
cannot, for various reasons, migrate to LDAP infrastructure. The current
system depends on a remotely maintained service that utilizes
authentication binds over http posts.
I was wondering if anybody has done or seen source code to do the
following:
- Have Java Servlet(s) that mimics itself as an LDAP Server for doing
basic TLS Bind / Rebind authentication flows.
- This Servlet will accept transactions and will have code within to
logically handle how the call is passed on down the chain; either to make
Https calls to some basic bind auth service or to route to a real localized
ldap or other authentication database.
- Servlet should act exactly as an LDAP server such
that the client is unaware that it is not a real LDAP server.
- Code could also be written to localize the authentication
information so that if remote auth bind services are unavailable, client will
likely still be able to authenticate by authenticating to the local
store.
Apache Directory Server is embeddable in a Java application. It is really
simple to write a servlet which has an init() method which embeds the
server and launches it, then you will be able to authenticate incoming
users with this servlet. The only tricky part is the place where you will
store the data: you will need to have write access to the disk to do that.
The important thing here is that we must assume that we cannot change the
remote auth service and therefore, going pure LDAP is out of the question.
Thanks for your time and interest.
Regards,
Timothy C. Quinn
Happy new year!
Emmanuel
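
The routing and fallback flow described in the quoted request, as an added example that is not part of the original thread and is not Apache Directory Server code: a bind is sent to the remote service first, and a salted PBKDF2 verifier kept locally is used only when that service is unreachable. The `BindRouter` and `RemoteAuth` names, the 8-hour fallback window, the work factor and the sample DN and password are all assumptions made for illustration.

```java
import java.io.IOException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.time.Instant;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Hypothetical bind router: remote bind service first, local verifier cache as fallback. */
public class BindRouter {
    // Stand-in for the HTTPS bind call; throws IOException when the service is unreachable.
    public interface RemoteAuth { boolean bind(String dn, char[] password) throws IOException; }
    private record Verifier(byte[] salt, byte[] hash, Instant expires) {}
    private final ConcurrentHashMap<String, Verifier> cache = new ConcurrentHashMap<>();
    private final SecureRandom rng = new SecureRandom();
    private final RemoteAuth remote;
    public BindRouter(RemoteAuth remote) { this.remote = remote; }

    public boolean bind(String dn, char[] password) throws Exception {
        // An empty password is an LDAP unauthenticated bind; never report it as success.
        if (dn == null || dn.isEmpty() || password == null || password.length == 0) return false;
        try {
            if (!remote.bind(dn, password)) return false;
            byte[] salt = new byte[16];
            rng.nextBytes(salt); // keep a salted verifier locally, never the password itself
            cache.put(dn, new Verifier(salt, pbkdf2(password, salt), Instant.now().plusSeconds(8 * 3600)));
            return true;
        } catch (IOException unreachable) { // remote down: fall back to the local store
            Verifier v = cache.get(dn);
            return v != null && Instant.now().isBefore(v.expires())
                && MessageDigest.isEqual(v.hash(), pbkdf2(password, v.salt())); // constant-time compare
        }
    }

    private static byte[] pbkdf2(char[] password, byte[] salt) throws Exception {
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
            .generateSecret(new PBEKeySpec(password, salt, 600_000, 256)).getEncoded(); // assumed work factor
    }

    public static void main(String[] args) throws Exception {
        boolean[] up = {true}; // constructed stub service and credentials, for the demo only
        BindRouter r = new BindRouter((user, pw) -> {
            if (!up[0]) throw new IOException("remote down");
            return "s3cret".equals(new String(pw));
        });
        String dn = "uid=demo,ou=people,dc=example,dc=com";
        System.out.println("remote up:   " + r.bind(dn, "s3cret".toCharArray()));
        up[0] = false;
        System.out.println("cached good: " + r.bind(dn, "s3cret".toCharArray()));
        System.out.println("cached bad:  " + r.bind(dn, "wrong".toCharArray()));
    }
}
```

A verifier that outlives a password change or account lock on the remote side stays valid until it expires, so the fallback window is the exposure to size.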