List,
I've developed a Java EE 5 application running on GlassFish v2.2.1. The web application is protected using an LDAP security realm. This is working quite fine. Now, I'd like the security realm to check multiple LDAP services for a possible match.
For example, I've got:
* LDAP Server 1 (OpenDS)
* LDAP Server 2 (Active Directory)
Each server contains a different set of users. I want users from both servers to be able to log in to my web application.
This is my realm for LDAP Server 1:
<auth-realm classname="com.sun.enterprise.security.auth.realm.ldap.LDAPRealm"
            name="My Realm">
  <property name="directory" value="ldap://localhost:1389"/>
  <property name="base-dn" value="ou=Users,dc=myapp,dc=com"/>
  <property name="jaas-context" value="ldapRealm"/>
  <property name="group-base-dn" value="ou=GROUPS,dc=myapp,dc=com"/>
</auth-realm>
I believe that it is possible to specify a failover for the directory by specifying multiple LDAP servers in the directory property. But what about chaining the servers? Is the solution to create a custom security realm class?
Kind regards,
Allan