Re: Container based authentication using LDAP and Active Directory
Am Tue, 15 Sep 2009 15:00:39 -0500 schrieb sharda k sktom...@gmail.com: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP And how are ADS-credentials and LDAP'S IDs synchronized? Why don't you put the roles into ADS? ADS is based on LDAP with Kerberos-authentication, so it should be no problem to add the necessary schema extensions (untested - I have no ADS). BTW: There is a book called Professional Apache Tomcat 6 at John Wiley (www.wrox.com) with some advice how to setup authentication by file, LDAP, PAM or database. Regards, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
On 15/09/2009 22:42, George Sexton wrote: Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. @Sharda If you need to do something more complex than configure an existing Realm, ie implement your own JAASRealm, there is documentation on the Tomcat site which refers to the tutorials and hints for doing this. p George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 3:14 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton geor...@mhsoftware.comwrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
On Wed, Sep 16, 2009 at 3:11 AM, Tobias Crefeld t...@cataneo.eu wrote: Am Tue, 15 Sep 2009 15:00:39 -0500 schrieb sharda k sktom...@gmail.com: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP And how are ADS-credentials and LDAP'S IDs synchronized? Why don't you put the roles into ADS? ADS is based on LDAP with Kerberos-authentication, so it should be no problem to add the necessary schema extensions (untested - I have no ADS). BTW: There is a book called Professional Apache Tomcat 6 at John Wiley (www.wrox.com) with some advice how to setup authentication by file, LDAP, PAM or database. Regards, Tobias. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Thank you all for your responses. I will try it and will see how it goes :) Tobias- Yes adding roles to AD would have a been the best way to simplify this scenario. But unfortunatly this was setup like this initially and roles are defined already in AD but are not in sync with LDAP which is the real user ID and role warehouse. AD is being used by many other systems for authentication so it cannot be modified now. So I am stuck with connecting to two servers for authentication and authorization. Regards, Sharda
Container based authentication using LDAP and Active Directory
Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda
Re: Container based authentication using LDAP and Active Directory
How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
On 15/09/2009 21:08, George Sexton wrote: You can use LDAP to authenticate against AD. I can feel a lmgtfy coming on... ;) p George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
Thank you so much for yr reply... but i have done good lmfty... On Tue, Sep 15, 2009 at 3:18 PM, Pid p...@pidster.com wrote On 15/09/2009 21:08, George Sexton wrote: You can use LDAP to authenticate against AD. I can feel a lmgtfy coming on... ;) p George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton geor...@mhsoftware.comwrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 3:14 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton geor...@mhsoftware.comwrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Container based authentication using LDAP and Active Directory
OK ... :) On Tue, Sep 15, 2009 at 4:42 PM, George Sexton geor...@mhsoftware.comwrote: Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 3:14 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton geor...@mhsoftware.comwrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Container based authentication using LDAP and Active Directory
Hi Sharda, AD is superset of LDAP. Thought this might help you in case you didn't know. -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Wednesday, September 16, 2009 3:15 AM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory OK ... :) On Tue, Sep 15, 2009 at 4:42 PM, George Sexton geor...@mhsoftware.comwrote: Asking the same question a different way will not yield a different result. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 3:14 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Hi George, If I use LDAP API for user authetication, how can I get LoginContext and implement authorization? If you can please share some insight on this. Thanks, SK On Tue, Sep 15, 2009 at 3:46 PM, George Sexton geor...@mhsoftware.comwrote: I don't know. You're going to have to figure that out yourself. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:45 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.comwrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr
Re: Container based authentication using LDAP and Active Directory
http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/single-signon.html might help you with secure authentication against AD. I use this for authentication purpose. Simple google landed me on these two wonderful pages maybe helpful... JAAS authentication http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.htmlJAAS authorization http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnAndAzn.html#WhatIsAzn let me know if this suffice your question. -Sumedh On Wed, Sep 16, 2009 at 2:14 AM, sharda k sktom...@gmail.com wrote: Thank you George. I think I need to elaborate my question further. I could bind user and fetch user roles using simple java class. But what I want to implement is JAAS. The problem is based on the information provided in different web sites I can use either LDAP or AD for both authentication and authorization. But I need to decouple authentication and authorization. How can I implement that? Any help would be appreciated. Sharda On Tue, Sep 15, 2009 at 3:19 PM, George Sexton geor...@mhsoftware.com wrote: AD servers run an LDAP connector. You use and LDAP API library and try to bind to the tree using the user's name and password for credentials. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:12 PM To: Tomcat Users List Subject: Re: Container based authentication using LDAP and Active Directory How can I implement LDAP to authenticate against AD? Can you please elaborate? I need AD for authentication and LDAP fro authorization. Thank you, Sharda On Tue, Sep 15, 2009 at 3:08 PM, George Sexton geor...@mhsoftware.comwrote: You can use LDAP to authenticate against AD. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 -Original Message- From: sharda k [mailto:sktom...@gmail.com] Sent: Tuesday, September 15, 2009 2:01 PM To: users@tomcat.apache.org Cc: sktom...@gmail.com Subject: Container based authentication using LDAP and Active Directory Hi, I want to implement Container based Authentication for a new web site I am working on. The scenario that I have is: - User ids are being stored in LDAP - User credentials(password) are being stored in Active Directory (AD). - User roles are gain being stored in LDAP In all examples that I could find in different websites write about LDAP authentication in Tomcat. Is there a way we can combine both LDAP and AD for authentication? Also I want to use custom login page for it. Any help on this would be appreciated. Thanks, Sharda - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
