I currently try to find out how to set-up my Java EE application to enable authentication and authorization versus LDAP. Thereby, the application runs on TomEE 1.6.
In the meantime, I started feeling more and more lost as I seem to miss some of the basic concepts and at the same time struggle to find appropriate documentation. What I have so far:
- Set up a test application to work with a
LoginProviderroughly following the TomEE Testing Security 3 example. - Set up another test with a JAAS login module.
Now, what I'm asking myself is the following: should I write my own LDAP login provider? Or should I use the Tomcat JAAS realm together with an JAAS LDAP module and how would this work together with openEJB? Or would the Tomcat JNDI realm be appropriate, which is called not threadsafe here?
Any help/guidance would be greatly appreciated!
Aucun commentaire:
Enregistrer un commentaire