|
Balazs, A couple of years ago, I wrote an LDAP realm before Tomcat enhanced their JNDI realm to work with Novell. We now use the base JNDI realm to achieve single sign-on. You should be able to take the memory realm and add calls to the toolkit procedures. The source is in org.apache.catalina.realm. You will have to add the toolbox jar to the server/lib directory. Assuming you are running Tomcat on the iSeries with the native drivers. For single signon, I created a filter that swaps the thread user for an authenticated thread. I also set a ThreadLocal user in that filter. Database connections are pooled at the user level and you may need to go to lower to pick up attributes like commitment control. I set up a DataSource that picks up the ThreadLocal user and what I call a database/context and use that to pool and configure connections. I could share the DataSource code if you are interested. Off of the iSeries, you will need to have a Kerberos server configured and use the Kerberos connection support. I haven't done this yet but am working on this right now. David Morris >>> balazs.vojtek@xxxxxxxxxxx 10/20/2003 7:05:59 AM >>> Hi, We have an intranet solution, recently running on a WIN NT machine that displays and manipulates AS/400 data. Now we installed a Tomcat standalone version 4.1.24. There was no problem with deploying of the application except that we'd had to remove Java 1.4 features because of the lower version of Java on AS/400. Now we hve some issues to solve for best performance and admin capabilities: 1.) achieve a single-step login to the application that would be equal to AS/400 login, and also to use this login information to AS/400 database. Till now we had a memory realm on the tomcat, and had only one common as400 user name and password stored in the web.xml as init parameter. This was OK. for testing purposes, but not good for the company security requirements. As I've read a JNDI realm has to be configured, but I don't know how to configure it. 2.) create a connection pool based on the sign-on JNDI configuration that would application-wide manage database connections for all users. Thank you for your answer it will help me a lot Balazs
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.