× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. JAVA400-L
  3. October 2003

Re: Tomcat JNDI Realm on iSeries

Balazs,

A couple of years ago, I wrote an LDAP realm before Tomcat enhanced
their JNDI realm to work with Novell. We now use the base JNDI realm to
achieve single sign-on.  You should be able to take the memory realm and
add calls to the toolkit procedures. The source is in
org.apache.catalina.realm. You will have to add the toolbox jar to the
server/lib directory. 

Assuming you are running Tomcat on the iSeries with the native drivers.
For single signon, I created a filter that swaps the thread user for an
authenticated thread. I also set a ThreadLocal user in that filter.
Database connections are pooled at the user level and you may need to go
to lower to pick up attributes like commitment control. I set up a
DataSource that picks up the ThreadLocal user and what I call a
database/context and use that to pool and configure connections. I could
share the DataSource code if you are interested. Off of the iSeries, you
will need to have a Kerberos server configured and use the Kerberos
connection support. I haven't done this yet but am working on this right
now.

David Morris


>>> balazs.vojtek@xxxxxxxxxxx 10/20/2003 7:05:59 AM >>>
Hi,

We have an intranet solution, recently running on a WIN NT machine
that displays and manipulates AS/400 data. Now we installed a Tomcat
standalone version 4.1.24. There was no problem with deploying of the
application except that we'd had to remove Java 1.4 features because
of the lower version of Java on AS/400.
Now we hve some issues to solve for best performance and admin
capabilities:

1.) achieve a single-step login to the application that would be equal
to AS/400 login, and also to use this login information to AS/400
database.
Till now we had a memory realm on the tomcat, and had only one common
as400 user name and password stored in the web.xml as init parameter.
This was OK. for testing purposes, but not good for the company
security requirements. As I've read a JNDI realm has to be configured,
but I don't know how to configure it.

2.) create a connection pool based on the sign-on JNDI configuration
that would application-wide manage database connections for all users.

Thank you for your answer it will help me a lot

Balazs

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.