Hello everyone,
I am new to Apache?s Shiro, find it quite comfortable to work with,
though. After going through the documentation I have some basic
questions left open. If these questions can be answered by a simple
search which I might have missed, please kindly point me in the right
direction.
We have developed a web-application using the vaadin framework.
Currently we are using some basic authentication with users, groups
and roles. Since the web-application has no access to already existing
user information (stored on a LDAP-Server) all the necessary data has
to be entered at least twice. So our goal would be a direct
authentication against an already existing LDAP or Active-Directory
Server. With this setup we have some problems, though. For
persistently reasons we need to store a local copy of some data. For
example we want to store the user name since it could be deleted on
the LDAP-Server but we still want to be able to address the
corresponding data. For security and consistency reasons we do not
want to copy the password. On the other hand the server, which is
holding this kind of data, might not be accessible from the
web-application. (Most of the times the LDAP-Server isn?t reachable
from the internet)
Does anyone have any experience with such a setup? Is the approach
wrong? Would it work with some sort of reversed proxy setup? I
appreciate any help or ideas,
Thank you in advance,
Stephanie
