.
-Original Message-
From: John Holman [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 14, 2001 5:55 PM
To: [EMAIL PROTECTED]
Subject: Re: JNDI/LDAP realm
- Original Message -
From: Steve Downey [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 14, 2001 5:39 PM
, 2001 5:55 PM
To: [EMAIL PROTECTED]
Subject: Re: JNDI/LDAP realm
- Original Message -
From: Steve Downey [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 14, 2001 5:39 PM
Subject: RE: JNDI/LDAP realm
The downside to binding with the supplied credentials
+1 !!!
Saludos ,
Ignacio J. Ortega
-Mensaje original-
De: GOMEZ Henri [mailto:[EMAIL PROTECTED]]
Enviado el: martes 15 de mayo de 2001 9:46
Para: [EMAIL PROTECTED]
Asunto: RE: JNDI/LDAP realm
Why not having all realm code (JDBC/JNDI/LDAP/JAAS) shared
in a common tomcat
John Holman wrote:
I preferred binding to the directory with supplied credentials because it
allows the realm implementation to use an anonymous password for the rest
of
what it needs.
+1
The only advantage I can see
for having the realm retrieve the password is that it makes http
, if
you're not replicating LDAP.
All in all, making it configurable is probably a good idea.
-Original Message-
From: Ellen Lockhart [mailto:[EMAIL PROTECTED]]
Sent: Sunday, May 13, 2001 12:58 PM
To: [EMAIL PROTECTED]
Subject: Re: JNDI/LDAP realm
I preferred binding
- Original Message -
From: Steve Downey [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 14, 2001 5:39 PM
Subject: RE: JNDI/LDAP realm
The downside to binding with the supplied credentials is that it chews up
a
file descriptor. For light loads, it's not an issue. For heavy
I preferred binding to the directory with supplied credentials because it
allows the realm implementation to use an anonymous password for the rest of
what it needs.
To allow for DN's in the directory that may not be composed of the same
attributes as other DN's, one thing I was thinking about
I preferred binding to the directory with supplied credentials because it
allows the realm implementation to use an anonymous password for the rest
of
what it needs.
Yes - I think binding is the better approach in general. Also the directory
can then contain password hashes rather than