-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 David,
On 2/20/15 11:35 AM, David kerber wrote: > I have several instances of TC 7.x on windows, running the same > in-house developed application for different outside customers. > Those instances are each tied to a specific database, and cannot > talk to any other dbs. > > My in-house users occasionally need to log into the application > instance for a specific customer to do administrative tasks for > them, and the authentication is tied to the specific instance they > are working with (the database for that instance). I am trying to > work out a way of letting them log into any instance with a single > "master" login, which would require all of the instances to > authenticate against the same server/source/whatever you call it. > > I can only come up with two options: LDAP authentication against > my Windows domain controller, or a separate database that any of > the instances can connect to. I know either of these would > require additional code work, which isn't a problem, and I have a > good feel for what's involved in db authentication. > > But I don't have a good feel for LDAP auth. How difficult is that > to get working in TC 7.x? It shouldn't be too hard. You can probably do this all with configuration of existing components: you can use the CombinedRealm to first try your local data source, and then try an LDAP data source for authentication (or the other way around, whichever you prefer). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJU52Q9AAoJEBzwKT+lPKRYmAIP/iWfYp86p0fpI81ip4ku+/Fl f3spMlRnCVczd1j4wIy6o6Zi37G79q6XPBraFLHrJ9hLlpJWFhGW9f+zZd9EsJQ7 ttW+ddhCI92kSVQ4g5McLGj3MHk3x2JJnYgWJfvMRf6RGPI9WhPX901KXBsmam/l mjQKszl9rmQMe6YO9AZNzvQ6kro/qSChywOZXoRHW3oLePXw9qv8ImNL9JhfD/xa VxRobsEGpCN7WTWUXx9Y9nFdkWIUF1JqIR4F+szj6EN+YA5UVSy5BuPcCpDKMddI 0aOUFwtrTj9J6QA0xuXbMrUakdgPNYGTZesC9n9AyPKWAUE8/cXGbxJFUx+QbXhz E9+Mgkf2b+/qowoDbaOLUuzCX2V76Bce1lQnM4umoxyPfTLwmqzNXqXsLjF1leit Wf7f5jn99LpLyhpVajq9s+U0z4/jpZZQzb1I2BkWZ3v1bf+WcIFo/g3HaHyGoZ64 Fpglz6BDxqR8NsmFmYQ4pYZlA+8s/KR/IgI10W0GlCTnxWtuGyNG65kXqpUgfjjq O96l+G72qZHNYbmJr7KWMaoMDzqKYjz7FIwUQ3BztZlx5QYvMO+951da0GuclpzK 9aEhSz/uMzcE59WGMsUZmLg0d1Q/LfF6tEOfP//BBFLyvTI0zqojahz/067T5rTJ Bb2DTkeZGCR+lWe6KISX =KURn -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
